CVE-2023-25585
published 2023-09-14CVE-2023-25585: A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
medium5.5CVSS 3.1
AVLACLPRNUIRSUCNINAH
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | binutils | < binutils 2.39.50.20221224-1 (bookworm) | binutils 2.39.50.20221224-1 (bookworm) |
| gnu | binutils | — | — |
| gnu | binutils | >= 0 < 2.39.50.20221224-1 | 2.39.50.20221224-1 |
| gnu | binutils | >= 0 < 2.39.50.20221224-1 | 2.39.50.20221224-1 |
| gnu | binutils | >= 0 < 2.39.50.20221224-1 | 2.39.50.20221224-1 |
| gnu | binutils | >= 0 < 2.30-21ubuntu1~18.04.9 | 2.30-21ubuntu1~18.04.9 |
| gnu | binutils | >= 0 < 2.34-6ubuntu1.5 | 2.34-6ubuntu1.5 |
| gnu | binutils | >= 0 < 2.38-4ubuntu2.2 | 2.38-4ubuntu2.2 |
| gnu | binutils | >= 0 < 2.24-5ubuntu14.2+esm1 | 2.24-5ubuntu14.2+esm1 |
| gnu | binutils | >= 0 < 2.26.1-1ubuntu1~16.04.8+esm6 | 2.26.1-1ubuntu1~16.04.8+esm6 |
| msrc | azl3_crash_8.0.4-3_on_azure_linux_3.0 | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.8HIGH