CVE-2022-35206

CWE-476NULL Pointer Dereference6 documents6 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 92.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Binutils
Timeline
PublishedAug 22

Description

Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

Debianbinutils< 2.38.50.20220627-1+2
NVDgnu/binutils2.38.50

Patches

Patch: sourceware.orgPatch: sourceware.org

🔴Vulnerability Details

3
OSV
CVE-2022-35206: Null pointer dereference vulnerability in Binutils readelf 22023-08-22
CVEList
CVE-2022-35206: Null pointer dereference vulnerability in Binutils readelf 22023-08-22
GHSA
GHSA-f9p9-jg9g-hhqp: Null pointer dereference vulnerability in Binutils readelf 22023-08-22

📋Vendor Advisories

2
Red Hat
binutils: NULL pointer dereference in read_and_display_attr_value() in dwarf.c2022-06-26
Debian
CVE-2022-35206: binutils - Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function ...2022
CVE-2022-35206 (MEDIUM CVSS 5.5) | Null pointer dereference vulnerabil | cvebase.io