CVE-2022-45703

CWE-787: Out-of-bounds Write | 10 documents | 7 sources
Severity: 7.8 HIGH
EPSS: 0.0% (top 93.45%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Aug 22
Latest update: Jan 15

Description

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

NVD: gnu/binutils < 2.40
Debian: binutils < 2.40-2+2
Ubuntu: binutils < 2.34-6ubuntu1.8+1

🔴 Vulnerability Details (5)

OSV: binutils vulnerabilities (2024-01-15)
OSV: binutils vulnerabilities (2023-09-18)
CVEList: CVE-2022-45703: Heap buffer overflow vulnerability in binutils readelf before 2... (2023-08-22)
OSV: CVE-2022-45703: Heap buffer overflow vulnerability in binutils readelf before 2... (2023-08-22)
GHSA: GHSA-4m6w-8h73-rv8p: Heap buffer overflow vulnerability in binutils readelf before 2... (2023-08-22)

📋 Vendor Advisories (4)

Ubuntu: GNU binutils vulnerabilities (2024-01-15)
Ubuntu: GNU binutils vulnerabilities (2023-09-18)
Red Hat: binutils: heap-based buffer overflow in display_debug_section() in readelf.c (2022-11-17)
Debian: CVE-2022-45703: binutils - Heap buffer overflow vulnerability in binutils readelf before 2.40 via function ... (2022)
CVE-2022-45703 (HIGH CVSS 7.8) | Heap buffer overflow vulnerability | cvebase.io