Описание
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
A memory leak was found in function stab_demangle_v3_arg in stabs.c in Binutils, allows local attacker to exploit the vulnerability using specially crafted file to cause Denial of Service.
Отчет
This issue is classified with a low severity primarily because binutils is not typically exposed to untrusted inputs in most environments, limiting the possibility of exploitation. Additionally, this memory leak is only triggered during the parsing of a specially crafted file, requiring an attacker to convince a user to process this file with binutils. Furthermore, binutils does not handle privileged operations, meaning that exploitation is unlikely to lead to system compromise or escalation of privileges. Also, the impact is limited to the application itself, without affecting the broader system or network security.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | binutils | Out of support scope | ||
| Red Hat Enterprise Linux 7 | binutils | Out of support scope | ||
| Red Hat Enterprise Linux 7 | gdb | Out of support scope | ||
| Red Hat Enterprise Linux 8 | binutils | Will not fix | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-11-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-11-gdb | Not affected | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-12-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-12-gdb | Not affected | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-13-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-13-gdb | Affected |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
An issue was discovered function stab_demangle_v3_arg in stabs.c in Bi ...
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.
5.5 Medium
CVSS3