Out-of-Bounds Read Vulnerability in Binutils by GNU
CVE-2022-47673

7.8HIGH

Key Information:

Vendor: Gnu
Status: Binutils
Vendor: CVE Published:; 22 August 2023

What is CVE-2022-47673?

A vulnerability has been identified in Binutils addr2line prior to version 2.39.3, located in the function parse_module. This issue involves multiple out-of-bounds reads which may lead to a denial of service or result in other unspecified impacts, thereby compromising system stability and security. Users of the affected versions are urged to update to mitigate potential risks and ensure system integrity.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=29876

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Dec 21, 2022

Gnu

What is CVE-2022-47673?

References

CVSS V3.1

Timeline