Denial of Service Vulnerability in Binutils Objdump by Sourceware
CVE-2022-47695

7.8HIGH

Key Information:

Vendor
Gnu
Status
Binutils
Vendor
CVE Published:
22 August 2023

Summary

A vulnerability in Binutils objdump versions prior to 2.39.3 allows an attacker to trigger a denial of service. The flaw is located in the function 'bfd_mach_o_get_synthetic_symtab' within match-o.c, which can possibly lead to issues that disrupt normal operations. This vulnerability raises concerns for users relying on the affected versions of Binutils for processing object files.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=29846

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.