CVE-2022-48063

Опубликовано: 21 дек. 2022

Источник: redhat

EPSS Низкий

Описание

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

An excessive memory consumption vulnerability has been found in GNU Binutils within the function load_separate_debug_files in dwarf2.c. This vulnerability could be exploited by an attacker supplying a crafted ELF file, leading to a denial of service attack due to excessive memory usage.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	binutils	Not affected
Red Hat Enterprise Linux 7	binutils	Not affected
Red Hat Enterprise Linux 7	gdb	Not affected
Red Hat Enterprise Linux 8	binutils	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-11-binutils	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-11-gdb	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-12-binutils	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-12-gdb	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-13-binutils	Not affected
Red Hat Enterprise Linux 8	gcc-toolset-13-gdb	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=2233949binutils: excessive memory consumption in load_separate_debug_files() in dwarf.c

EPSS

Процентиль: 1%

0.0001

Низкий

Связанные уязвимости

CVE-2022-48063

CVSS3: 5.5

ubuntu

почти 2 года назад

CVE-2022-48063

CVSS3: 5.5

nvd

почти 2 года назад

CVE-2022-48063

CVSS3: 5.5

msrc

6 месяцев назад

Описание отсутствует

CVE-2022-48063

CVSS3: 5.5

debian

почти 2 года назад

GNU Binutils before 2.40 was discovered to contain an excessive memory ...

GHSA-7jp6-rmg5-fj58

CVSS3: 5.5

github

почти 2 года назад

EPSS

Процентиль: 1%

0.0001

Низкий