5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.1%
Package : binutils
Version : 2.22-8+deb7u3
CVE ID : CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489
CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131
Some minor security issues have been identified and fixed in binutils in
Debian LTS. These are:
CVE-2016-2226
Exploitable buffer overflow.
CVE-2016-4487
Invalid write due to a use-after-free to array btypevec.
CVE-2016-4488
Invalid write due to a use-after-free to array ktypevec.
CVE-2016-4489
Invalid write due to integer overflow.
CVE-2016-4490
Write access violation.
CVE-2016-4492
Write access violations.
CVE-2016-4493
Read access violations.
CVE-2016-6131
Stack buffer overflow when printing bad bytes in Intel Hex objects
For Debian 7 "Wheezy", these problems have been fixed in version
2.22-8+deb7u3.
We recommend that you upgrade your binutils packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Brian May <[email protected]>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | amd64 | binutils-dev | < 2.22-8+deb7u3 | binutils-dev_2.22-8+deb7u3_amd64.deb |
Debian | 7 | amd64 | binutils-multiarch | < 2.22-8+deb7u3 | binutils-multiarch_2.22-8+deb7u3_amd64.deb |
Debian | 7 | armhf | binutils-multiarch | < 2.22-8+deb7u3 | binutils-multiarch_2.22-8+deb7u3_armhf.deb |
Debian | 7 | armel | binutils-dev | < 2.22-8+deb7u3 | binutils-dev_2.22-8+deb7u3_armel.deb |
Debian | 7 | armhf | binutils-dev | < 2.22-8+deb7u3 | binutils-dev_2.22-8+deb7u3_armhf.deb |
Debian | 7 | all | binutils-doc | < 2.22-8+deb7u3 | binutils-doc_2.22-8+deb7u3_all.deb |
Debian | 7 | armel | binutils | < 2.22-8+deb7u3 | binutils_2.22-8+deb7u3_armel.deb |
Debian | 7 | all | binutils-source | < 2.22-8+deb7u3 | binutils-source_2.22-8+deb7u3_all.deb |
Debian | 7 | armel | binutils-gold | < 2.22-8+deb7u3 | binutils-gold_2.22-8+deb7u3_armel.deb |
Debian | 7 | armhf | binutils-gold | < 2.22-8+deb7u3 | binutils-gold_2.22-8+deb7u3_armhf.deb |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.1%