CVE-2024-53589

Published: 05 Dec 2024
Source: redhat
CVSS3: 6.6
EPSS: Low

Description

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

A buffer overflow vulnerability exists in GNU Binutils’ objdump utility when processing tekhex format files. During format identification, the vulnerability occurs in the Binary File Descriptor (BFD) library’s tekhex parser. A specially crafted tekhex file, when processed by objdump, may trigger an out-of-bounds read, leading to a denial of service or other undefined behavior.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Migration Toolkit for Containers | rhmtc/openshift-migration-must-gather-rhel8 | Not affected | | |
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-must-gather-rhel8 | Not affected | | |
| OpenShift API for Data Protection | oadp/oadp-mustgather-rhel8 | Not affected | | |
| Red Hat Enterprise Linux 6 | binutils | Not affected | | |
| Red Hat Enterprise Linux 7 | binutils | Not affected | | |
| Red Hat Enterprise Linux 7 | gdb | Not affected | | |
| Red Hat Enterprise Linux 8 | binutils | Not affected | | |
| Red Hat Enterprise Linux 8 | gcc-toolset-13-binutils | Not affected | | |
| Red Hat Enterprise Linux 8 | gcc-toolset-13-gdb | Not affected | | |
| Red Hat Enterprise Linux 8 | gcc-toolset-14-binutils | Not affected | | |

Additional information

Status: Moderate
Defect: CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2330669 - binutils: objdump: buffer Overflow in the BFD library's handling of tekhex format files

EPSS: 0.00063 (Low), percentile: 15%

CVSS3: 6.6 Medium

Related vulnerabilities

CVSS3: 8.4
ubuntu
12 months ago

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

CVSS3: 8.4
nvd
12 months ago

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

msrc
3 months ago

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

CVSS3: 8.4
debian
12 months ago

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary F ...

CVSS3: 8.4
github
12 months ago

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.
