An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2150768 | Exploit Issue Tracking Patch Third Party Advisory |
https://security.gentoo.org/glsa/202309-15 | |
https://sourceware.org/bugzilla/show_bug.cgi?id=29699 | Exploit Issue Tracking Patch Vendor Advisory |
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=5c831a3c7f3ca98d6aba1200353311e1a1f84c70 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:57
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-476 |
30 Sep 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References |
|
07 Feb 2023, 19:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
|
First Time |
Redhat enterprise Linux
Gnu binutils Fedoraproject Redhat Gnu Fedoraproject fedora |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2150768 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70 - Mailing List, Patch, Vendor Advisory | |
References | (MISC) https://sourceware.org/bugzilla/show_bug.cgi?id=29699 - Exploit, Issue Tracking, Patch, Vendor Advisory |
27 Jan 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-27 18:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-4285
Mitre link : CVE-2022-4285
CVE.ORG link : CVE-2022-4285
JSON object : View
Products Affected
gnu
- binutils
redhat
- enterprise_linux
fedoraproject
- fedora
CWE
CWE-476
NULL Pointer Dereference