CVE-2022-35205: An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.

medium5.5CVSS 3.1

AVLACLPRNUIRSUCNINAH

An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.

Affected

14 ranges

Vendor	Product	Version range	Fixed in
debian	binutils	< binutils 2.38.50.20220627-1 (bookworm)	binutils 2.38.50.20220627-1 (bookworm)
gnu	binutils	—	—
gnu	binutils	>= 0 < 2.38.50.20220627-1	2.38.50.20220627-1
gnu	binutils	>= 0 < 2.38.50.20220627-1	2.38.50.20220627-1
gnu	binutils	>= 0 < 2.38.50.20220627-1	2.38.50.20220627-1
gnu	binutils	>= 0 < 2.34-6ubuntu1.7	2.34-6ubuntu1.7
gnu	binutils	>= 0 < 2.38-4ubuntu2.4	2.38-4ubuntu2.4
gnu	binutils	>= 0 < 2.24-5ubuntu14.2+esm6	2.24-5ubuntu14.2+esm6
gnu	binutils	>= 0 < 2.24-5ubuntu14.2+esm5	2.24-5ubuntu14.2+esm5
gnu	binutils	>= 0 < 2.26.1-1ubuntu1~16.04.8+esm9	2.26.1-1ubuntu1~16.04.8+esm9
gnu	binutils	>= 0 < 2.30-21ubuntu1~18.04.9+esm3	2.30-21ubuntu1~18.04.9+esm3
msrc	cbl2_binutils_2.37-10_on_cbl_mariner_2.0	—	—
msrc	cbl_mariner_2.0_arm	—	—
msrc	cbl_mariner_2.0_x64	—	—

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv8.8HIGH