Lucene search

[email protected]NVD:CVE-2022-48063

HistoryAug 22, 2023 - 7:16 p.m.

CVE-2022-48063

2023-08-2219:16:30

CWE-400

[email protected]

web.nvd.nist.gov

cve-2022-48063

gnu binutils

memory consumption

elf file

dns attack

security vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

Affected configurations

NVD

Node

gnubinutilsRange<2.40

References

security.netapp.com/advisory/ntap-20231006-0008/

sourceware.org/bugzilla/show_bug.cgi?id=29924

sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for NVD:CVE-2022-48063

cvelist1 alpinelinux1 prion1 veracode1 debiancve1 ubuntucve1 cve1 redhatcve1 osv3 nessus19 cloudfoundry1 ubuntu2 openvas19 redos1 photon3 ibm1