Debian Binutils vulnerabilities

CVE-2022-38533 [MEDIUM] CVE-2022-38533: binutils - In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error functi... In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. Scope: local bookworm: resolved (fixed in 2.39.50.20221208-2) bullseye: open forky: resolved (fixed in 2.39.50.20221208-2) sid: resolved (fixed in 2.39.50.20221208-2) trixie: resolved (fixed in 2.3

CVE-2022-4285 [MEDIUM] CVE-2022-4285: binutils - An illegal memory access flaw was found in the binutils package. Parsing an ELF ... An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. Scope: local bookworm: resolved (fixed in 2.39.50.20221208-2) bullseye: open forky: resolved (fixed in 2.39.50.20221208-2) sid: resolve

CVE-2022-47007 [MEDIUM] CVE-2022-47007: binutils - An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.3... An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. Scope: local bookworm: resolved (fixed in 2.38.50.20220627-1) bullseye: open forky: resolved (fixed in 2.38.50.20220627-1) sid: resolved (fixed in 2.38.50.20220627-1) trixie: resolved (fixed in 2.38.50.202

CVE-2022-45703 [HIGH] CVE-2022-45703: binutils - Heap buffer overflow vulnerability in binutils readelf before 2.40 via function ... Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. Scope: local bookworm: resolved (fixed in 2.40-2) bullseye: open forky: resolved (fixed in 2.40-2) sid: resolved (fixed in 2.40-2) trixie: resolved (fixed in 2.40-2)

CVE-2022-47695 [HIGH] CVE-2022-47695: binutils - An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause... An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. Scope: local bookworm: resolved (fixed in 2.39.50.20221208-2) bullseye: open forky: resolved (fixed in 2.39.50.20221208-2) sid: resolved (fixed in 2.39.50.20221208-2) trixie: res

CVE-2022-47011 [MEDIUM] CVE-2022-47011: binutils - An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils... An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. Scope: local bookworm: resolved (fixed in 2.38.50.20220627-1) bullseye: open forky: resolved (fixed in 2.38.50.20220627-1) sid: resolved (fixed in 2.38.50.20220627-1) trixie: resolved (fixed in 2.38.50

CVE-2022-47673 [HIGH] CVE-2022-47673: binutils - An issue was discovered in Binutils addr2line before 2.39.3, function parse_modu... An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. Scope: local bookworm: resolved (fixed in 2.39.50.20221224-1) bullseye: open forky: resolved (fixed in 2.39.50.20221224-1) sid: resolved (fixed in 2.39.50.20221224-1) trixie: resolv

CVE-2022-48065 [MEDIUM] CVE-2022-48065: binutils - GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability v... GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. Scope: local bookworm: resolved (fixed in 2.40-2) bullseye: open forky: resolved (fixed in 2.40-2) sid: resolved (fixed in 2.40-2) trixie: resolved (fixed in 2.40-2)

CVE-2022-47008 [MEDIUM] CVE-2022-47008: binutils - An issue was discovered function make_tempdir, and make_tempname in bucomm.c in ... An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. Scope: local bookworm: resolved (fixed in 2.38.50.20220627-1) bullseye: open forky: resolved (fixed in 2.38.50.20220627-1) sid: resolved (fixed in 2.38.50.20220627-1) trixie: resolved (fixed in

CVE-2022-35205 [MEDIUM] CVE-2022-35205: binutils - An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure... An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. Scope: local bookworm: resolved (fixed in 2.38.50.20220627-1) bullseye: open forky: resolved (fixed in 2.38.50.20220627-1) sid: resolved (fixed in 2.38.50.20220627-1) trixie: resolved (fixed in 2.38.50.202

CVE-2022-47696 [HIGH] CVE-2022-47696: binutils - An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause... An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. Scope: local bookworm: resolved (fixed in 2.39.50.20221208-2) bullseye: open forky: resolved (fixed in 2.39.50.20221208-2) sid: resolved (fixed in 2.39.50.20221208-2) trixie: resolved (fixed in 2.39.50.20221

CVE-2022-44840 [HIGH] CVE-2022-44840: binutils - Heap buffer overflow vulnerability in binutils readelf before 2.40 via function ... Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. Scope: local bookworm: resolved (fixed in 2.40-2) bullseye: open forky: resolved (fixed in 2.40-2) sid: resolved (fixed in 2.40-2) trixie: resolved (fixed in 2.40-2)

CVE-2022-48063 [MEDIUM] CVE-2022-48063: binutils - GNU Binutils before 2.40 was discovered to contain an excessive memory consumpti... GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. Scope: local bookworm: resolved (fixed in 2.40-2) bullseye: open forky: resolved (fixed in 2.40-2) sid: resolved (fixed in 2.40-2) trixie: reso

CVE-2021-37322 [HIGH] CVE-2021-37322: binutils - GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via t... GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. Scope: local bookworm: resolved (fixed in 2.27.51.20161102-1) bullseye: resolved (fixed in 2.27.51.20161102-1) forky: resolved (fixed in 2.27.51.20161102-1) sid: resolved (fixed in 2.27.51.20161102-1) trixie: resolved (fixed in 2.27.51.20161102-1)

CVE-2021-20197 [MEDIUM] CVE-2021-20197: binutils - There is an open race window when writing output in the following utilities in G... There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files throug

CVE-2021-32256 [MEDIUM] CVE-2021-32256: binutils - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. I... An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-45078 [CRITICAL] CVE-2021-45078: binutils - stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers... stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. Scope: local bookworm: resolved (fixed in 2.37.50.20220106-1) bull

CVE-2021-20294 [HIGH] CVE-2021-20294: binutils - A flaw was found in binutils readelf 2.35 program. An attacker who is able to co... A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. Scope: local bookworm: resolved (fixed in 2.35.

CVE-2021-3549 [HIGH] CVE-2021-3549: binutils - An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An... An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. Scope: local bookworm: resolved (fix

CVE-2021-46174 [HIGH] CVE-2021-46174: binutils - Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. Scope: local bookworm: resolved (fixed in 2.37.90.20220207-1) bullseye: open forky: resolved (fixed in 2.37.90.20220207-1) sid: resolved (fixed in 2.37.90.20220207-1) trixie: resolved (fixed in 2.37.90.20220207-1)