Lucene search
OracleLinuxELSA-2023-6236HistoryNov 01, 2023 - 12:00 a.m.
binutils security update
2023-11-0100:00:00
linux.oracle.com
5
binutils
security update
cve-2022-4285
memory address
backport
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
18.9%
[2.30-119.0.2.2]
- Fix for CVE-2022-4285.
- Fix illegal memory address when parsing an ELF file contaiing corrupt
symbol version information.
Upstream commit 5c831a3c7f3ca98d6aba1200353311e1a1f84c70. - Partial backport of _bfd_mul_overflow support from upstream commit
1f4361a77b18c5ab32baf2f30fefe5e301e017be - Reviewed-by: David Faust
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | aarch64 | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.aarch64.rpm |
| oracle linux | 8 | aarch64 | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.aarch64.rpm |
| oracle linux | 8 | aarch64 | binutils-devel | < 2.30-119.0.2.el8_8.2 | binutils-devel-2.30-119.0.2.el8_8.2.aarch64.rpm |
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | src | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.src.rpm |
| oracle linux | 8 | x86_64 | binutils | < 2.30-119.0.2.el8_8.2 | binutils-2.30-119.0.2.el8_8.2.x86_64.rpm |
Related
nessus
nessus
RHEL 8 : binutils (RHSA-2023:7394)
2023-11-21 00:00:00
RHEL 9 : binutils (RHSA-2023:6593)
2023-11-07 00:00:00
Fedora 36 : mingw-binutils (2023-11256597a8)
2023-01-12 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: mingw-binutils-2.37-6.fc36
2023-01-12 01:35:22
[SECURITY] Fedora 37 Update: mingw-binutils-2.38-6.fc37
2023-01-12 01:53:39
[SECURITY] Fedora 36 Update: insight-13.0.50.20220502-4.fc36
2022-12-23 01:21:27
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in GNU Binutils [CVE-2022-4285]
2024-04-25 18:25:21
redhat
redhat
(RHSA-2023:6236) Moderate: binutils security update
2023-11-01 12:35:17
(RHSA-2023:6593) Moderate: binutils security update
2023-11-07 06:09:39
(RHSA-2023:7394) Moderate: binutils security update
2023-11-21 09:47:05
almalinux
almalinux
Moderate: binutils security update
2023-11-01 00:00:00
Moderate: gcc-toolset-12-binutils security update
2023-05-16 00:00:00
Moderate: binutils security update
2023-11-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-4285 affecting package binutils for versions less than 2.37-5
2023-02-24 01:53:30
CVE-2022-4285 affecting package binutils 2.36.1-2
2023-03-02 04:18:34
osv
osv
Moderate: binutils security update
2023-11-01 00:00:00
Moderate: binutils security update
2023-11-07 00:00:00
Moderate: gcc-toolset-12-binutils security update
2023-05-16 00:00:00
redos
redos
ROS-20230203-03
2023-02-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-03-12 22:06:00
rocky
rocky
binutils security update
2023-11-11 22:59:34
openvas
openvas
Fedora: Security Advisory for insight (FEDORA-2022-07d49bd9a8)
2022-12-23 00:00:00
Fedora: Security Advisory for mingw-binutils (FEDORA-2023-11256597a8)
2023-01-12 00:00:00
Fedora: Security Advisory for insight (FEDORA-2022-3efcae2a46)
2022-12-23 00:00:00
oraclelinux
oraclelinux
binutils security update
2023-11-11 00:00:00
gcc-toolset-12-binutils security update
2023-05-24 00:00:00
cve
cve
CVE-2022-4285
2023-01-27 18:15:15
alpinelinux
alpinelinux
CVE-2022-4285
2023-01-27 18:15:15
debiancve
debiancve
CVE-2022-4285
2023-01-27 18:15:15
redhatcve
redhatcve
CVE-2022-4285
2022-12-05 09:31:14
prion
prion
Design/Logic Flaw
2023-01-27 18:15:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0080
2023-08-26 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0399
2023-05-31 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0637
2023-08-23 00:00:00
ubuntucve
ubuntucve
CVE-2022-4285
2023-01-27 00:00:00
cloudfoundry
cloudfoundry
USN-6544-1: GNU binutils vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
ubuntu
ubuntu
GNU binutils vulnerabilities
2023-12-11 00:00:00
gentoo
gentoo
GNU Binutils: Multiple Vulnerabilities
2023-09-30 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
18.9%
Related for ELSA-2023-6236