SUSE-CU-2022:1737-1: Security update of bci/bci-init
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Aug 3 07:19:14 UTC 2022
SUSE Container Update Advisory: bci/bci-init
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1737-1
Container Tags : bci/bci-init:15.3 , bci/bci-init:15.3.17.33
Container Release : 17.33
Severity : moderate
Type : security
References : 1033084 1033085 1033086 1033087 1033088 1033089 1033090 1082318
1104264 1106390 1107066 1107067 1111973 1112723 1112726 1123685
1125007 CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610
CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402
CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146
CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665
-----------------------------------------------------------------
The container bci/bci-init was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2614-1
Released: Mon Aug 1 10:41:04 2022
Summary: Security update for dwarves and elfutils
Type: security
Severity: moderate
References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1082318,1104264,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007,CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7146,CVE-2019-7148,CVE-2019-7149,CVE-2019-7150,CVE-2019-7664,CVE-2019-7665
This update for dwarves and elfutils fixes the following issues:
elfutils was updated to version 0.177 (jsc#SLE-24501):
- elfclassify: New tool to analyze ELF objects.
- readelf: Print DW_AT_data_member_location as decimal offset.
Decode DW_AT_discr_list block attributes.
- libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias.
- libdwelf: Add dwelf_elf_e_machine_string.
dwelf_elf_begin now only returns NULL when there is an error
reading or decompressing a file. If the file is not an ELF file
an ELF handle of type ELF_K_NONE is returned.
- backends: Add support for C-SKY.
Update to version 0.176:
- build: Add new --enable-install-elfh option.
Do NOT use this for system installs (it overrides glibc elf.h).
- backends: riscv improved core file and return value location support.
- Fixes:
- CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685)
- CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007)
Update to version 0.175:
- readelf: Handle mutliple .debug_macro sections.
Recognize and parse GNU Property, NT_VERSION and
GNU Build Attribute ELF Notes.
- strip: Handle SHT_GROUP correctly.
Add strip --reloc-debug-sections-only option.
Handle relocations against GNU compressed sections.
- libdwelf: New function dwelf_elf_begin.
- libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT
and BPF_JSLE.
backends: RISCV handles ADD/SUB relocations.
Handle SHT_X86_64_UNWIND.
- CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723)
- CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973)
- CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726)
Update to version 0.174:
- libelf, libdw and all tools now handle extended shnum and
shstrndx correctly.
- elfcompress: Don't rewrite input file if no section data needs
updating. Try harder to keep same file mode bits
(suid) on rewrite.
- strip: Handle mixed (out of order) allocated/non-allocated sections.
- unstrip: Handle SHT_GROUP sections.
- backends: RISCV and M68K now have backend implementations to
generate CFI based backtraces.
- Fixes:
- CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf
- CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067)
- CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390)
Update to version 0.173:
- More fixes for crashes and hangs found by afl-fuzz. In particular various
functions now detect and break infinite loops caused by bad DIE tree cycles.
- readelf: Will now lookup the size and signedness of constant value types
to display them correctly (and not just how they were encoded).
- libdw: New function dwarf_next_lines to read CU-less .debug_line data.
dwarf_begin_elf now accepts ELF files containing just .debug_line
or .debug_frame sections (which can be read without needing a DIE
tree from the .debug_info section).
Removed dwarf_getscn_info, which was never implemented.
- backends: Handle BPF simple relocations.
The RISCV backends now handles ABI specific CFI and knows about
RISCV register types and names.
Update to version 0.172:
- Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data.
Thanks to running the afl fuzzer on eu-readelf and various testcases.
Update to version 0.171:
- DWARF5 and split dwarf, including GNU DebugFission, are supported now.
Data can be read from the new DWARF sections .debug_addr, .debug_line_str,
.debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new
DWARF5 and GNU DebugFission encodings of the existing .debug sections.
Also in split DWARF .dwo (DWARF object) files. This support is mostly
handled by existing functions (dwarf_getlocation*, dwarf_getsrclines,
dwarf_ranges, dwarf_form*, etc.) now returning the data from the new
sections and data formats. But some new functions have been added
to more easily get information about skeleton and split compile units
(dwarf_get_units and dwarf_cu_info), handle new attribute data
(dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies
that might come from different sections or files (dwarf_die_addr_die).
- Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary)
files, the .debug_names index, the .debug_cu_index and .debug_tu_index
sections. Only a single .debug_info (and .debug_types) section are
currently handled.
- readelf: Handle all new DWARF5 sections.
--debug-dump=info+ will show split unit DIEs when found.
--dwarf-skeleton can be used when inspecting a .dwo file.
Recognizes GNU locviews with --debug-dump=loc.
- libdw: New functions dwarf_die_addr_die, dwarf_get_units,
dwarf_getabbrevattr_data and dwarf_cu_info.
libdw will now try to resolve the alt file on first use of
an alt attribute FORM when not set yet with dwarf_set_alt.
dwarf_aggregate_size() now works with multi-dimensional arrays.
- libdwfl: Use process_vm_readv when available instead of ptrace.
backends: Add a RISC-V backend.
There were various improvements to build on Windows.
The sha1 and md5 implementations have been removed, they weren't used.
Update to version 0.170:
- libdw: Added new DWARF5 attribute, tag, character encoding, language code,
calling convention, defaulted member function and macro constants
to dwarf.h.
New functions dwarf_default_lower_bound and dwarf_line_file.
dwarf_peel_type now handles DWARF5 immutable, packed and shared tags.
dwarf_getmacros now handles DWARF5 .debug_macro sections.
- strip: Add -R, --remove-section=SECTION and --keep-section=SECTION.
- backends: The bpf disassembler is now always build on all platforms.
Update to version 0.169:
- backends: Add support for EM_PPC64 GNU_ATTRIBUTES.
Frame pointer unwinding fallback support for i386, x86_64, aarch64.
- translations: Update Polish translation.
- CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088)
- CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087)
- CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086)
- CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084)
- CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085)
- CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090)
- CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089)
- Don't make elfutils recommend elfutils-lang as elfutils-lang
already supplements elfutils.
dwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework.
The following package changes have been done:
- libdw1-0.177-150300.11.3.1 updated
- libebl-plugins-0.177-150300.11.3.1 updated
- libelf1-0.177-150300.11.3.1 updated
- container:sles15-image-15.0.0-17.20.8 updated
More information about the sle-security-updates
mailing list