Memory Leak Vulnerability in GNU Binutils Affects Multiple Versions
CVE-2022-48065

5.5MEDIUM

Key Information:

Vendor: Gnu
Status: Binutils
Vendor: CVE Published:; 22 August 2023

Summary

A memory leak vulnerability has been identified in GNU Binutils versions prior to 2.40. The flaw is located in the function find_abstract_instance within the dwarf2.c file, potentially allowing attackers to consume system resources and affect application performance. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=29925

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%...

https://security.netapp.com/advisory/ntap-20231006-0008/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Dec 29, 2022