CVE-2022-47673Out-of-bounds Read in Binutils

CWE-125Out-of-bounds Read7 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Binutils
Timeline
PublishedAug 22

Description

An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDgnu/binutils< 2.39.3
Debiangnu/binutils< 2.39.50.20221224-1+2

🔴Vulnerability Details

3
GHSA
GHSA-fr78-4gjg-h5j9: An issue was discovered in Binutils addr2line before 22023-08-22
CVEList
CVE-2022-47673: An issue was discovered in Binutils addr2line before 22023-08-22
OSV
CVE-2022-47673: An issue was discovered in Binutils addr2line before 22023-08-22

📋Vendor Advisories

3
Microsoft
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.2023-08-08
Red Hat
binutils: out-of-bounds read in parse_module() in bfd/vms-alpha.c via addr2line2022-12-12
Debian
CVE-2022-47673: binutils - An issue was discovered in Binutils addr2line before 2.39.3, function parse_modu...2022
CVE-2022-47673 — Out-of-bounds Read in GNU Binutils | cvebase