Описание
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.
Отчет
This is a MODERATE impact vulnerability. The flaw in GNU Binutils BFD library occurs when processing specially crafted XCOFF object files, leading to out-of-bounds memory access. This could result in application crashes or information disclosure. Exploitation requires an attacker to provide a malicious XCOFF file to a vulnerable application.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | binutils | Fix deferred | ||
| Red Hat Enterprise Linux 10 | gcc-toolset-15-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 10 | gdb | Fix deferred | ||
| Red Hat Enterprise Linux 10 | mingw-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 6 | binutils | Fix deferred | ||
| Red Hat Enterprise Linux 7 | binutils | Fix deferred | ||
| Red Hat Enterprise Linux 7 | gdb | Fix deferred | ||
| Red Hat Enterprise Linux 8 | binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-14-binutils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-14-gdb | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
6.1 Medium
CVSS3
Связанные уязвимости
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.
Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
A flaw was found in the GNU Binutils BFD library, a widely used compon ...
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.
EPSS
6.1 Medium
CVSS3