PT-2023-1298 · Binutils+9 · Binutils+9

Heqing Huang

Publicado

2022-10-19

Atualizado

2025-03-28

CVE-2022-4285

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions binutils (affected versions not specified)

Description The issue is related to an illegal memory access flaw in the binutils package. It occurs when parsing an ELF file that contains corrupt symbol version information, potentially resulting in a denial of service. This problem is a result of an incomplete fix for a previous issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALSA-2023:2873

ALSA-2023:6236

ALSA-2023:6593

ALT-PU-2023-1379

ALT-PU-2023-4098

ALT-PU-2024-9331

AZL-13114

BDU:2023-00576

CESA-2023_2873

CESA-2023_6236

CVE-2022-4285

MGASA-2024-0246

OESA-2023-1592

OESA-2023-1593

OESA-2023-1594

OPENSUSE-SU-2023_3825-1

OPENSUSE-SU-2024:12717-1

RHSA-2023:2873

RHSA-2023:3269

RHSA-2023:6236

RHSA-2023:6593

RHSA-2023:7394

RHSA-2023_2873

RHSA-2023_6236

RHSA-2023_6593

RLSA-2023:6236

ROSA-SA-2025-2645

SUSE-SU-2023:3695-1

SUSE-SU-2023:3825-1

USN-6544-1

USN-6842-1

Produtos afetados

Alt Linux

Almalinux

Centos

Debian

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

Binutils

PT-2023-1298 · Binutils+9 · Binutils+9

CVE-2022-4285

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 111