[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
This bug was fixed in the package binutils - 2.30-21ubuntu1~18.04 --- binutils (2.30-21ubuntu1~18.04) bionic-proposed; urgency=medium * SRU: LP: #1769657 * Build cross packages for armel, armhf, arm64 on ppc64el. binutils (2.30-21ubuntu1) cosmic; urgency=medium * Merge with Debian; remaining changes: - Build from upstream sources. binutils (2.30-21) unstable; urgency=medium * Update, taken from the 2.30 branch 20180529. - x86-64: Add TLSDESC fields to elf_x86_lazy_plt_layout. - PR binutils/23199, mark section in a section group with SHF_GROUP. - PR ld/23194, x86: Don't set eh->local_ref to 1 for versioned symbol. - PR ld/23189, x86: Don't set eh->local_ref to 1 for linker defined symbols. - PR binutils/23199, Invalid SHT_GROUP entry leads to group confusion. * Fix PR gprof/23056, memory corruption in gprof. LP: #1763098. * Fix PR binutils/23054, memory corruption in as. LP: #1763096. * Fix PR ld/23055, memory corruption in ld. LP: #1763094. -- Matthias Klose Wed, 12 Sep 2018 17:38:08 +0200 ** Changed in: binutils (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Fix Released Status in binutils source package in Bionic: Fix Released Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
This bug is already fixed in the latest version present in bionic- security - marking as verified. ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Fix Released Status in binutils source package in Bionic: Fix Committed Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
Hello Sergej, or anyone else affected, Accepted binutils into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/binutils/2.30-21ubuntu1~18.04 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: binutils (Ubuntu Bionic) Status: Fix Released => Fix Committed ** Tags added: verification-needed verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Fix Released Status in binutils source package in Bionic: Fix Committed Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
This bug was fixed in the package binutils - 2.30-20ubuntu2~18.04 --- binutils (2.30-20ubuntu2~18.04) bionic-security; urgency=medium * Combined security update / SRU: LP: #1771635, LP: #1769657. binutils (2.30-20ubuntu2) cosmic; urgency=medium * Fix PR gprof/23056, memory corruption in gprof. LP: #1763098. * Fix PR binutils/23054, memory corruption in as. LP: #1763096. * Fix PR ld/23055, memory corruption in ld. LP: #1763094. binutils (2.30-20ubuntu1) cosmic; urgency=medium * Merge with Debian; remaining changes: - Build from upstream sources. binutils (2.30-20) unstable; urgency=medium * Update, taken from the 2.30 branch 20180516. - Fix PR binutils/23109, disassembly mask for vector sdot on AArch64. - Fix uninitialised memory acccess in COFF bfd backend. - Update Portuguese translations. binutils (2.30-19) unstable; urgency=medium * Build-depend on procps. binutils (2.30-17ubuntu1) cosmic; urgency=medium * Merge with Debian; remaining changes: - Build from upstream sources. binutils (2.30-17) unstable; urgency=medium * Update, taken from the 2.30 branch 20180502. - Fix PR ld/23123, PR ld/22374, PowerPC32 ifunc regression. - AArch64: Fix the mask for the sqrdml(a|s)h instructions. * Fix unintialized memory in aarch64 opcodes, taken from the trunk. binutils (2.30-16) unstable; urgency=medium * Update, taken from the 2.30 branch 20180425. - Fix PR ld 22782, x86: Remove the unused _GLOBAL_OFFSET_TABLE_. - Update spanish and russian translations. * Add amd64, i386, x32 and riscv64 cross compilers as build (test) dependencies. -- Matthias Klose Wed, 16 May 2018 15:20:51 -0400 ** Changed in: binutils (Ubuntu Bionic) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Fix Released Status in binutils source package in Bionic: Fix Released Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
This bug was fixed in the package binutils - 2.30-20ubuntu2 --- binutils (2.30-20ubuntu2) cosmic; urgency=medium * Fix PR gprof/23056, memory corruption in gprof. LP: #1763098. * Fix PR binutils/23054, memory corruption in as. LP: #1763096. * Fix PR ld/23055, memory corruption in ld. LP: #1763094. binutils (2.30-20ubuntu1) cosmic; urgency=medium * Merge with Debian; remaining changes: - Build from upstream sources. binutils (2.30-20) unstable; urgency=medium * Update, taken from the 2.30 branch 20180516. - Fix PR binutils/23109, disassembly mask for vector sdot on AArch64. - Fix uninitialised memory acccess in COFF bfd backend. - Update Portuguese translations. binutils (2.30-19) unstable; urgency=medium * Build-depend on procps. -- Matthias KloseWed, 16 May 2018 13:03:58 -0400 ** Changed in: binutils (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Fix Released Status in binutils source package in Bionic: Confirmed Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
** Changed in: binutils (Ubuntu) Status: New => Confirmed ** Changed in: binutils (Ubuntu Bionic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: Confirmed Status in binutils source package in Bionic: Confirmed Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
** Also affects: binutils (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: New Status in binutils source package in Bionic: New Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1763096] Re: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1)
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1763096 Title: Multiple memory corruption in as-new (binuitils-2.30-15ubuntu1) Status in binutils package in Ubuntu: New Bug description: Dear all, The following binutils as-new memory corruptions were found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the crashing inputs and each ASAN report. Steps to reproduce: Build current verison of binutils: ``` pull-lp-source binutils cd binutils-2.30 CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" ./configure CC=clang CXX=clang++ CFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" CXXFLAGS="-fsanitize=address -fsanitize-recover=address -ggdb" LDFLAGS="-fsanitize=address" make ``` run inputs under ASAN: ``` ASAN_OPTIONS=halt_on_error=false:allow_addr2line=true ./as-new $file ``` We can verify those issues for as-new binuitils-2.30-15ubuntu1 (Ubuntu 16.04.4 LTS / sources from "pull-lp-source bintuils"). Credits: Sergej Schumilo, Cornelius Aschermann (both of Ruhr- Universität Bochum) Best regards, Sergej Schumilo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp