PT-2023-1298 · Binutils+9 · Binutils+9

Heqing Huang

Published

2022-10-19

Updated

2025-03-28

CVE-2022-4285

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions binutils (affected versions not specified)

Description The issue is related to an illegal memory access flaw in the binutils package. It occurs when parsing an ELF file that contains corrupt symbol version information, potentially resulting in a denial of service. This problem is a result of an incomplete fix for a previous issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2023:2873

ALSA-2023:6236

ALSA-2023:6593

ALT-PU-2023-1379

ALT-PU-2023-4098

ALT-PU-2024-9331

AZL-13114

BDU:2023-00576

CESA-2023_2873

CESA-2023_6236

CVE-2022-4285

MGASA-2024-0246

OESA-2023-1592

OESA-2023-1593

OESA-2023-1594

OPENSUSE-SU-2023_3825-1

OPENSUSE-SU-2024:12717-1

RHSA-2023:2873

RHSA-2023:3269

RHSA-2023:6236

RHSA-2023:6593

RHSA-2023:7394

RHSA-2023_2873

RHSA-2023_6236

RHSA-2023_6593

RLSA-2023:6236

ROSA-SA-2025-2645

SUSE-SU-2023:3695-1

SUSE-SU-2023:3825-1

USN-6544-1

USN-6842-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

Binutils

PT-2023-1298 · Binutils+9 · Binutils+9

CVE-2022-4285

Weakness Enumeration

Related Identifiers

Affected Products

References · 111