https://bugzilla.redhat.com/show_bug.cgi?id=1162594
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141028, |impact=low,public=20141028, |reported=20141111,source=os |reported=20141111,source=os |s-security,cvss2=1.2/AV:L/A |s-security,cvss2=2.6/AV:L/A |C:H/Au:N/C:P/I:N/A:N,cwe=CW |C:H/Au:N/C:P/I:N/A:P,cwe=CW |E-122,dts-2.1/devtoolset-2- |E-122,dts-2.1/devtoolset-2- |binutils=affected,dts-3.0/d |binutils=affected,dts-3.0/d |evtoolset-3-binutils=affect |evtoolset-3-binutils=affect |ed,fedora-all/arm-none-eabi |ed,fedora-all/arm-none-eabi |-binutils-cs=affected,fedor |-binutils-cs=affected,fedor |a-all/avr-binutils=affected |a-all/avr-binutils=affected |,fedora-all/binutils=affect |,fedora-all/binutils=affect |ed,fedora-all/cross-binutil |ed,fedora-all/cross-binutil |s=affected,fedora-all/mingw |s=affected,fedora-all/mingw |-binutils=affected,fedora-a |-binutils=affected,fedora-a |ll/msp430-binutils=affected |ll/msp430-binutils=affected |,rhel-5/binutils=wontfix,rh |,rhel-5/binutils=wontfix,rh |el-5/binutils220=wontfix,rh |el-5/binutils220=wontfix,rh |el-6/binutils=affected,rhel |el-6/binutils=affected,rhel |-6/mingw32-binutils=wontfix |-6/mingw32-binutils=wontfix |,rhel-7/binutils=defer,epel |,rhel-7/binutils=defer,epel |-all/avr-binutils=affected, |-all/avr-binutils=affected, |epel-all/cross-binutils=aff |epel-all/cross-binutils=aff |ected,epel-all/mingw-binuti |ected,epel-all/mingw-binuti |ls=affected |ls=affected
--- Doc Text *updated* --- A heap-based buffer overflow flaw was found in the way objdump utility processed certain files. If a user were tricked into running objdump on a specially crafted file, it could cause objdump to crash or potentially execute arbitrary code with the privileges of the user running an executable. The original fix for CVE-2014-8485 was found to be incomplete.