CVE-2023-1972
published 2023-05-17CVE-2023-1972: A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | binutils | < binutils 2.41-1 (forky) | binutils 2.41-1 (forky) |
| gnu | binutils | — | — |
| gnu | binutils | >= 0 < 2.41-1 | 2.41-1 |
| gnu | binutils | >= 0 < 2.41-1 | 2.41-1 |
| gnu | binutils | >= 0 < 2.30-21ubuntu1~18.04.9 | 2.30-21ubuntu1~18.04.9 |
| gnu | binutils | >= 0 < 2.34-6ubuntu1.5 | 2.34-6ubuntu1.5 |
| gnu | binutils | >= 0 < 2.38-4ubuntu2.2 | 2.38-4ubuntu2.2 |
| gnu | binutils | >= 0 < 2.24-5ubuntu14.2+esm1 | 2.24-5ubuntu14.2+esm1 |
| gnu | binutils | >= 0 < 2.26.1-1ubuntu1~16.04.8+esm6 | 2.26.1-1ubuntu1~16.04.8+esm6 |
| gnu | binutils | 2.35 – 2.40 | — |
| gnu | gdb | >= 0 < 9.2-0ubuntu1~20.04.2 | 9.2-0ubuntu1~20.04.2 |
| gnu | gdb | >= 0 < 12.1-0ubuntu1~22.04.2 | 12.1-0ubuntu1~22.04.2 |
| gnu | gdb | >= 0 < 7.11.1-0ubuntu1~16.5+esm1 | 7.11.1-0ubuntu1~16.5+esm1 |
| gnu | gdb | >= 0 < 8.1.1-0ubuntu1+esm1 | 8.1.1-0ubuntu1+esm1 |
| msrc | cbl2_binutils_2.37-10_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.8HIGH