USN-366-1: binutils vulnerability

18 October 2006

binutils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.10

Software Description

Details

A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user’s privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
binutils - 2.16.1-2ubuntu6.3
binutils-static - 2.16.1-2ubuntu6.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References