ALT-PU-2022-2326-1
Closed vulnerabilities
Published: 2022-01-07
BDU:2022-00594
Уязвимость функции stab_xcoff_builtin_type (stabs.c) набора инструментального программного обеспечения GNU Binary Utilities, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.5)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2021-12-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-45078
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- FEDORA-2021-3614c0b466
- FEDORA-2021-3614c0b466
- FEDORA-2021-f2c6802743
- FEDORA-2021-f2c6802743
- GLSA-202208-30
- GLSA-202208-30
- https://security.netapp.com/advisory/ntap-20220107-0002/
- https://security.netapp.com/advisory/ntap-20220107-0002/
- https://sourceware.org/bugzilla/show_bug.cgi?id=28694
- https://sourceware.org/bugzilla/show_bug.cgi?id=28694
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02