~/cve/CVE-2023-25584

pipeline liveDigest Docs

CVE-2023-25584

published 2023-09-14

CVE-2023-25584: An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

high7.1CVSS 3.1

AVLACLPRNUIRSUCHINAH

An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
debian	binutils	< binutils 2.39.50.20221224-1 (bookworm)	binutils 2.39.50.20221224-1 (bookworm)
gnu	binutils	< 2.40	2.40
gnu	binutils	>= 0 < 2.39.50.20221224-1	2.39.50.20221224-1
gnu	binutils	>= 0 < 2.39.50.20221224-1	2.39.50.20221224-1
gnu	binutils	>= 0 < 2.39.50.20221224-1	2.39.50.20221224-1
gnu	binutils	>= 0 < 2.30-21ubuntu1~18.04.9	2.30-21ubuntu1~18.04.9
gnu	binutils	>= 0 < 2.34-6ubuntu1.5	2.34-6ubuntu1.5
gnu	binutils	>= 0 < 2.38-4ubuntu2.2	2.38-4ubuntu2.2
gnu	binutils	>= 0 < 2.24-5ubuntu14.2+esm1	2.24-5ubuntu14.2+esm1
gnu	binutils	>= 0 < 2.26.1-1ubuntu1~16.04.8+esm6	2.26.1-1ubuntu1~16.04.8+esm6
msrc	azl3_crash_8.0.4-3_on_azure_linux_3.0	—	—

CVSS provenance

nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

osv7.8HIGH