PT-2023-13441 · Binutils+2 · Binutils+2

Hex Rabbit

Published

2023-08-22

Updated

2024-06-15

CVE-2022-35206

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Binutils readelf version 2.38.50

Description A null pointer dereference issue exists in the readelf component of Binutils, specifically in the function read and display attr value within the file dwarf.c. This issue can be triggered, potentially leading to a crash or other unintended behavior.

Recommendations For Binutils readelf version 2.38.50, consider applying a patch or update that fixes the null pointer dereference vulnerability in the read and display attr value function. As a temporary workaround, restrict the use of the read and display attr value function until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2022-35206

OPENSUSE-SU-2023_3825-1

OPENSUSE-SU-2024:13411-1

SUSE-SU-2023:3695-1

SUSE-SU-2023:3825-1

Affected Products

Binutils

Debian

Suse

PT-2023-13441 · Binutils+2 · Binutils+2

CVE-2022-35206

Weakness Enumeration

Related Identifiers

Affected Products

References · 54