CVE-2018-10372

Vulnerability

The vulnerability resides in the process_cu_tu_index function in dwarf.c of GNU Binutils version 2.30. It is a heap-based buffer over-read that can be triggered by processing a specially crafted binary file, as demonstrated with readelf [1], [2]. The flaw occurs when the tool incorrectly reads beyond the bounds of an allocated heap buffer while parsing DWARF unit index data.

Exploitation

An attacker can exploit this vulnerability by crafting a malicious binary file (e.g., an ELF file with manipulated debug sections) and enticing a user or automated system to process it with a vulnerable version of Binutils (such as running readelf or objdump). No special privileges or network access are required; the attack vector is local, relying on user interaction. The trigger is immediate upon parsing the malformed input [2], [4].

Impact

Successful exploitation results in a denial of service: the application (e.g., readelf) crashes. The heap-based buffer over-read may potentially be leveraged for other unspecified impacts, including arbitrary code execution, although the primary consequence documented is a crash leading to denial of service [2], [4].

Mitigation

The vulnerability is fixed in GNU Binutils versions after 2.30. Red Hat issued fix RHSA-2018:3032 (August 2018) [1], Ubuntu published USN-4336-1 with version 2.30-21ubuntu1~18.04.3 [2], and Gentoo GLSA 201908-01 recommends upgrading to >=sys-devel/binutils-2.32-r1 [4]. Users should update their Binutils package to the latest patched version available for their distribution.