Description
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
Report
The issue is classified as low severity primarily because binutils is not typically exposed to untrusted inputs in most environments, limiting its exploitation potential. The buffer overflow in vms-alpha.c only triggers during the parsing of malformed files, which would require an attacker to convince a user to process a malicious binary file. Moreover, binutils does not handle privileged operations, meaning exploitation is unlikely to lead to system compromise or escalation of privileges. Additionally, the impact is localized to the application itself, without affecting the broader system or network security.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | binutils | Will not fix | ||
| Red Hat Enterprise Linux 7 | binutils | Will not fix | ||
| Red Hat Enterprise Linux 8 | binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-11-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-11-gdb | Not affected | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-12-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-12-gdb | Not affected | ||
| Red Hat Enterprise Linux 9 | binutils | Not affected | ||
| Red Hat Enterprise Linux 9 | gcc-toolset-12-binutils | Not affected | ||
| Red Hat Enterprise Linux 9 | gcc-toolset-12-gdb | Not affected | ||
Additional information
Status:
EPSS
CVSS3: 6.3 Medium
Related vulnerabilities
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
Out of bounds read in parse_module function in bfd/vms-alpha.c
An out-of-bounds read flaw was found in the parse_module function in b ...
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.