Search...

binutils:fuzz_readelf: Heap-buffer-overflow in slurp_hppa_unwind_table

2020-07-09T02:31:07

ID OSSFUZZ-24020
Type ossfuzz
Reporter Google
Modified 2020-08-09T20:05:32

Description

Detailed Report: https://oss-fuzz.com/testcase?key=4815629438418944

Project: binutils Fuzzing Engine: honggfuzz Fuzz Target: fuzz_readelf Job Type: honggfuzz_asan_binutils Platform Id: linux

Crash Type: Heap-buffer-overflow WRITE 2 Crash Address: 0x6020000000c0 Crash State: slurp_hppa_unwind_table hppa_process_unwind process_unwind

Sanitizer: address (ASAN)

Recommended Security Severity: High

Regressed: https://oss-fuzz.com/revisions?job=honggfuzz_asan_binutils&range=202003100201:202003120200

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=4815629438418944

Issue filed automatically.

See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally. When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers.

If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse without an upstream patch, then the bug report will automatically become visible to the public.

JSON Vulners Source

Initial Source

{"id": "OSSFUZZ-24020", "type": "ossfuzz", "bulletinFamily": "software", "title": "binutils:fuzz_readelf: Heap-buffer-overflow in slurp_hppa_unwind_table", "description": "Detailed Report: https://oss-fuzz.com/testcase?key=4815629438418944\n\nProject: binutils\nFuzzing Engine: honggfuzz\nFuzz Target: fuzz_readelf\nJob Type: honggfuzz_asan_binutils\nPlatform Id: linux\n\nCrash Type: Heap-buffer-overflow WRITE 2\nCrash Address: 0x6020000000c0\nCrash State:\n slurp_hppa_unwind_table\n hppa_process_unwind\n process_unwind\n \nSanitizer: address (ASAN)\n\nRecommended Security Severity: High\n\nRegressed: https://oss-fuzz.com/revisions?job=honggfuzz_asan_binutils&range=202003100201:202003120200\n\nReproducer Testcase: https://oss-fuzz.com/download?testcase_id=4815629438418944\n\nIssue filed automatically.\n\nSee https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.\nWhen you fix this bug, please\n * mention the fix revision(s).\n * state whether the bug was a short-lived regression or an old bug in any stable releases.\n * add any other useful information.\nThis information can help downstream consumers.\n\nIf you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.\n\nThis bug is subject to a 90 day disclosure deadline. If 90 days elapse\nwithout an upstream patch, then the bug report will automatically\nbecome visible to the public.", "published": "2020-07-09T02:31:07", "modified": "2020-08-09T20:05:32", "cvss": {}, "href": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24020", "reporter": "Google", "references": [], "cvelist": [], "lastseen": "2020-08-09T20:33:51", "viewCount": 1, "enchantments": {"dependencies": {"references": [], "modified": "2020-08-09T20:33:51", "rev": 2}, "score": {"value": -1.0, "vector": "NONE", "modified": "2020-08-09T20:33:51", "rev": 2}, "vulnersScore": -1.0}, "ossfuzz": {"issue": 24020, "status": "Verified", "project": "binutils", "ref": "https://oss-fuzz.com/revisions?job=honggfuzz_asan_binutils&range=202007080224:202007092130", "crashType": "Heap-buffer-overflow WRITE 2", "revisions": [], "error": "no_rev"}, "affectedSoftware": [{"name": "binutils", "version": "unknown", "operator": "eq"}], "immutableFields": []}