Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2021-1767.NASL
HistoryApr 30, 2021 - 12:00 a.m.

EulerOS 2.0 SP3 : binutils (EulerOS-SA-2021-1767)

2021-04-3000:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28

7.8 High

AI Score

Confidence

High

JSON

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in debug_get_real_type, as demonstrated in objdump, that can cause a denial of service via a crafted file.(CVE-2020-16598)

  • A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.(CVE-2020-35493)

  • A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.(CVE-2020-16592)

  • find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.(CVE-2019-17450)

  • The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during ‘readelf -a’ execution.(CVE-2017-14333)

  • There’s a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.(CVE-2020-35494)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(149165);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/02");

  script_cve_id(
    "CVE-2017-14333",
    "CVE-2019-17450",
    "CVE-2020-16592",
    "CVE-2020-16598",
    "CVE-2020-35493",
    "CVE-2020-35494"
  );

  script_name(english:"EulerOS 2.0 SP3 : binutils (EulerOS-SA-2021-1767)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the binutils packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - A Null Pointer Dereference vulnerability exists in the
    Binary File Descriptor (BFD) library (aka libbfd), as
    distributed in GNU Binutils 2.34, in
    debug_get_real_type, as demonstrated in objdump, that
    can cause a denial of service via a crafted
    file.(CVE-2020-16598)

  - A flaw exists in binutils in bfd/pef.c. An attacker who
    is able to submit a crafted PEF file to be parsed by
    objdump could cause a heap buffer overflow ->
    out-of-bounds read that could lead to an impact to
    application availability. This flaw affects binutils
    versions prior to 2.34.(CVE-2020-35493)

  - A use after free issue exists in the Binary File
    Descriptor (BFD) library (aka libbfd) in GNU Binutils
    2.34 in bfd_hash_lookup, as demonstrated in nm-new,
    that can cause a denial of service via a crafted
    file.(CVE-2020-16592)

  - find_abstract_instance in dwarf2.c in the Binary File
    Descriptor (BFD) library (aka libbfd), as distributed
    in GNU Binutils 2.32, allows remote attackers to cause
    a denial of service (infinite recursion and application
    crash) via a crafted ELF file.(CVE-2019-17450)

  - The process_version_sections function in readelf.c in
    GNU Binutils 2.29 allows attackers to cause a denial of
    service (Integer Overflow, and hang because of a
    time-consuming loop) or possibly have unspecified other
    impact via a crafted binary file with invalid values of
    ent.vn_next, during 'readelf -a'
    execution.(CVE-2017-14333)

  - There's a flaw in binutils /opcodes/tic4x-dis.c. An
    attacker who is able to submit a crafted input file to
    be processed by binutils could cause usage of
    uninitialized memory. The highest threat is to
    application availability with a lower threat to data
    confidentiality. This flaw affects binutils versions
    prior to 2.34.(CVE-2020-35494)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1767
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6e8c690f");
  script_set_attribute(attribute:"solution", value:
"Update the affected binutils packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-35494");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2017-14333");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2021/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:binutils-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(3)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP3", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["binutils-2.25.1-22.base.h46",
        "binutils-devel-2.25.1-22.base.h46"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"3", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "binutils");
}
VendorProductVersionCPE
huaweieulerosbinutilsp-cpe:/a:huawei:euleros:binutils
huaweieulerosbinutils-develp-cpe:/a:huawei:euleros:binutils-devel
huaweieuleros2.0cpe:/o:huawei:euleros:2.0

Related

openvas 35
nessus 53
fedora 3
mageia 3
osv 7
debiancve 5
redhatcve 6
cvelist 5
cbl_mariner 3
alpinelinux 3
prion 6
cve 6
ubuntucve 5
veracode 2
photon 15
redhat 6
oraclelinux 1
almalinux 1
cloudfoundry 2
ubuntu 3
suse 4
gentoo 3
ibm 5
rosalinux 1
cloudlinux 4
openvas
openvas
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1767)
2021-05-03 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1670)
2021-03-24 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1408)
2021-03-05 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.2.6 : binutils (EulerOS-SA-2021-1408)
2021-03-10 00:00:00
EulerOS 2.0 SP5 : binutils (EulerOS-SA-2021-1670)
2021-03-24 00:00:00
EulerOS Virtualization 3.0.6.6 : binutils (EulerOS-SA-2021-1459)
2021-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-binutils-2.34-4.fc33
2020-12-27 01:40:37
[SECURITY] Fedora 32 Update: mingw-binutils-2.32-8.fc32
2020-12-27 01:17:02
[SECURITY] Fedora 32 Update: mingw-binutils-2.32-9.fc32
2021-01-07 01:14:18
mageia
mageia
Updated binutils packages fix security vulnerabilities
2021-01-08 18:34:55
Updated binutils packages fix security vulnerabilities
2020-03-06 19:13:58
Updated binutils packages fixes security vulnerabilities
2019-05-12 23:58:05
osv
osv
CVE-2017-14333
2017-09-12 08:29:00
CVE-2020-35494
2021-01-04 15:15:13
CVE-2020-16592
2020-12-09 21:15:15
debiancve
debiancve
CVE-2017-14333
2017-09-12 08:29:00
CVE-2020-35494
2021-01-04 15:15:00
CVE-2020-16592
2020-12-09 21:15:00
redhatcve
redhatcve
CVE-2017-14333
2017-09-15 14:48:40
CVE-2020-35494
2020-12-29 14:00:42
CVE-2020-16592
2020-12-11 11:58:18
cvelist
cvelist
CVE-2017-14333
2017-09-12 08:00:00
CVE-2020-35494
2021-01-04 14:23:23
CVE-2020-35493
2021-01-04 14:22:55
cbl_mariner
cbl_mariner
CVE-2020-35494 affecting package binutils 2.32-5
2021-01-29 07:39:23
CVE-2020-35493 affecting package binutils 2.32-5
2021-01-29 07:39:23
CVE-2019-17450 affecting package binutils 2.32-5
2020-11-30 19:30:57
alpinelinux
alpinelinux
CVE-2020-35493
2021-01-04 15:15:00
CVE-2020-35494
2021-01-04 15:15:00
CVE-2020-16592
2020-12-09 21:15:00
prion
prion
Heap overflow
2021-01-04 15:15:00
Design/Logic Flaw
2021-01-04 15:15:00
Design/Logic Flaw
2020-12-09 21:15:00
cve
cve
CVE-2020-35494
2021-01-04 15:15:00
CVE-2020-35493
2021-01-04 15:15:00
CVE-2020-16592
2020-12-09 21:15:00
ubuntucve
ubuntucve
CVE-2020-35494
2021-01-04 00:00:00
CVE-2020-35493
2021-01-04 00:00:00
CVE-2020-16592
2020-12-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-24 08:26:29
Denial Of Service (DoS)
2020-09-21 06:40:46
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0321
2021-02-26 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0196
2021-02-19 00:00:00
Critical Photon OS Security Update - PHSA-2021-0321
2021-02-19 00:00:00
redhat
redhat
(RHSA-2020:4465) Low: binutils security update
2020-11-03 12:07:20
(RHSA-2020:5364) Moderate: OpenShift Container Platform 4.7 low-latency extras security and bug fix update
2021-02-24 18:09:49
(RHSA-2021:0190) Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update
2021-01-19 13:29:21
oraclelinux
oraclelinux
binutils security update
2020-11-10 00:00:00
almalinux
almalinux
Low: binutils security update
2020-11-03 12:07:20
cloudfoundry
cloudfoundry
USN-5124-1: GNU binutils vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
USN-4336-1: GNU binutils vulnerabilities | Cloud Foundry
2020-05-14 00:00:00
ubuntu
ubuntu
GNU binutils vulnerabilities
2021-10-25 00:00:00
GNU binutils vulnerabilities
2020-04-22 00:00:00
GNU binutils vulnerabilities
2021-07-21 00:00:00
suse
suse
Security update for binutils (moderate)
2021-11-04 00:00:00
Security update for binutils (moderate)
2021-11-15 00:00:00
Security update for binutils (moderate)
2020-11-01 00:00:00
gentoo
gentoo
Binutils: Multiple vulnerabilities
2020-07-27 00:00:00
Binutils: Multiple vulnerabilities
2021-07-10 00:00:00
Binutils: Multiple vulnerabilities
2018-01-07 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics
2021-01-13 15:48:56
Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics for NPS
2022-05-31 03:16:48
Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Performance Server
2022-05-31 03:16:48
rosalinux
rosalinux
Advisory ROSA-SA-2021-1808
2021-07-02 16:33:56
cloudlinux
cloudlinux
Fix of 36 CVEs
2021-12-27 16:08:07
Fix of CVE: CVE-2018-18605, CVE-2019-12972, CVE-2016-4490, CVE-2018-6543, CVE-2018-19931, CVE-2018-10535, CVE-2019-17450, CVE-2018-7643, CVE-2016-4487, CVE-2016-4492, CVE-2018-20002, CVE-2018-1000876, CVE-2019-9073, CVE-2019-9075, CVE-2018-20671, CVE-2016-4488, CVE-2018-7568, CVE-2018-7642, CVE-2018-10373, CVE-2018-6323, CVE-2016-2226, CVE-2016-4493, CVE-2018-19932, CVE-2018-6759, CVE-2019-9077, CVE-2018-18607, CVE-2018-8945, CVE-2018-7208, CVE-2016-6131, CVE-2018-13033, CVE-2018-20623, CVE-2019-14444, CVE-2018-18309, CVE-2018-18606, CVE-2018-7569, CVE-2016-4489
2021-12-16 16:02:14
Fix of 56 CVEs
2021-12-06 15:16:59

7.8 High

AI Score

Confidence

High

JSON
Related for EULEROS_SA-2021-1767.NASL
openvas35nessus53fedora3mageia3osv7debiancve5redhatcve6cvelist5cbl_mariner3alpinelinux3prion6cve6ubuntucve5veracode2photon15redhat6oraclelinux1almalinux1cloudfoundry2ubuntu3suse4gentoo3ibm5rosalinux1cloudlinux4