Out-of-Bounds Read Vulnerability in Binutils by GNU
CVE-2022-47673

7.8HIGH

Key Information:

Vendor: Gnu
Status: Binutils
Vendor: CVE Published:; 22 August 2023

Summary

A vulnerability has been identified in Binutils addr2line prior to version 2.39.3, located in the function parse_module. This issue involves multiple out-of-bounds reads which may lead to a denial of service or result in other unspecified impacts, thereby compromising system stability and security. Users of the affected versions are urged to update to mitigate potential risks and ensure system integrity.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=29876

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Dec 21, 2022