Your submission was sent successfully! Close

USN-5124-1: GNU binutils vulnerabilities

25 October 2021

Several security issues were fixed in GNU binutils.

Releases

Packages

  • binutils - GNU assembler, linker and binary utilities

Details

It was discovered that GNU binutils incorrectly handled certain hash
lookups. An attacker could use this issue to cause GNU binutils to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-16592)

It was discovered that GNU binutils incorrectly handled certain corrupt
DWARF debug sections. An attacker could possibly use this issue to cause
GNU binutils to consume memory, resulting in a denial of service.
(CVE-2021-3487)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.