CVE-2022-48063

Updated: 2023-11-07 20:22:01.931177

Description:

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU binutils 2.35.2 5.5 MEDIUM Ignored 2023-11-08 04:08:04
CentOS 6 ELS binutils 2.20 5.5 MEDIUM Ignored 2023-08-28 05:06:32
CentOS 7 ELS binutils 2.27 5.5 MEDIUM Ignored 2023-09-19 09:30:31
CentOS 8.4 ELS binutils 2.30-93 5.5 MEDIUM Ignored 2023-08-28 05:06:32
CentOS 8.5 ELS binutils 2.30-108 5.5 MEDIUM Ignored 2023-08-28 05:06:32
CloudLinux 6 ELS binutils 2.20 5.5 MEDIUM Ignored 2023-08-28 05:06:32
Oracle Linux 6 ELS binutils 2.20 5.5 MEDIUM Ignored 2023-08-28 05:06:32
Ubuntu 16.04 ELS binutils 2.26 5.5 MEDIUM Released CLSA-2023:1699380309 2023-11-07 13:10:13
Ubuntu 18.04 ELS binutils 2.30-21 5.5 MEDIUM Released CLSA-2023:1699380962 2023-11-07 16:31:29