Lucene search

DebianDEBIAN:DLA-552-1:1F392

HistoryJul 18, 2016 - 8:45 a.m.

[SECURITY] [DLA 552-1] binutils security update

2016-07-1808:45:05

lists.debian.org

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.1%

JSON

Package : binutils
Version : 2.22-8+deb7u3
CVE ID : CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489
CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131

Some minor security issues have been identified and fixed in binutils in
Debian LTS. These are:

CVE-2016-2226

Exploitable buffer overflow.

CVE-2016-4487

Invalid write due to a use-after-free to array btypevec.

CVE-2016-4488

Invalid write due to a use-after-free to array ktypevec.

CVE-2016-4489

Invalid write due to integer overflow.

CVE-2016-4490

Write access violation.

CVE-2016-4492

Write access violations.

CVE-2016-4493

Read access violations.

CVE-2016-6131

Stack buffer overflow when printing bad bytes in Intel Hex objects

For Debian 7 "Wheezy", these problems have been fixed in version
2.22-8+deb7u3.

We recommend that you upgrade your binutils packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Brian May <[email protected]>

OSVersionArchitecturePackageVersionFilename
Debian7amd64binutils-dev< 2.22-8+deb7u3binutils-dev_2.22-8+deb7u3_amd64.deb
Debian7amd64binutils-multiarch< 2.22-8+deb7u3binutils-multiarch_2.22-8+deb7u3_amd64.deb
Debian7armhfbinutils-multiarch< 2.22-8+deb7u3binutils-multiarch_2.22-8+deb7u3_armhf.deb
Debian7armelbinutils-dev< 2.22-8+deb7u3binutils-dev_2.22-8+deb7u3_armel.deb
Debian7armhfbinutils-dev< 2.22-8+deb7u3binutils-dev_2.22-8+deb7u3_armhf.deb
Debian7allbinutils-doc< 2.22-8+deb7u3binutils-doc_2.22-8+deb7u3_all.deb
Debian7armelbinutils< 2.22-8+deb7u3binutils_2.22-8+deb7u3_armel.deb
Debian7allbinutils-source< 2.22-8+deb7u3binutils-source_2.22-8+deb7u3_all.deb
Debian7armelbinutils-gold< 2.22-8+deb7u3binutils-gold_2.22-8+deb7u3_armel.deb
Debian7armhfbinutils-gold< 2.22-8+deb7u3binutils-gold_2.22-8+deb7u3_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	amd64	binutils-dev	< 2.22-8+deb7u3	binutils-dev_2.22-8+deb7u3_amd64.deb
Debian	7	amd64	binutils-multiarch	< 2.22-8+deb7u3	binutils-multiarch_2.22-8+deb7u3_amd64.deb
Debian	7	armhf	binutils-multiarch	< 2.22-8+deb7u3	binutils-multiarch_2.22-8+deb7u3_armhf.deb
Debian	7	armel	binutils-dev	< 2.22-8+deb7u3	binutils-dev_2.22-8+deb7u3_armel.deb
Debian	7	armhf	binutils-dev	< 2.22-8+deb7u3	binutils-dev_2.22-8+deb7u3_armhf.deb
Debian	7	all	binutils-doc	< 2.22-8+deb7u3	binutils-doc_2.22-8+deb7u3_all.deb
Debian	7	armel	binutils	< 2.22-8+deb7u3	binutils_2.22-8+deb7u3_armel.deb
Debian	7	all	binutils-source	< 2.22-8+deb7u3	binutils-source_2.22-8+deb7u3_all.deb
Debian	7	armel	binutils-gold	< 2.22-8+deb7u3	binutils-gold_2.22-8+deb7u3_armel.deb
Debian	7	armhf	binutils-gold	< 2.22-8+deb7u3	binutils-gold_2.22-8+deb7u3_armhf.deb