Lucene search

K
redhatcveRedhat.comRH:CVE-2022-48063
HistoryAug 23, 2023 - 7:45 p.m.

CVE-2022-48063

2023-08-2319:45:31
redhat.com
access.redhat.com
9
memory consumption
gnu binutils
elf file
denial of service

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.2

Confidence

High

EPSS

0

Percentile

10.3%

An excessive memory consumption vulnerability has been found in GNU Binutils within the function load_separate_debug_files in dwarf2.c. This vulnerability could be exploited by an attacker supplying a crafted ELF file, leading to a denial of service attack due to excessive memory usage.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.2

Confidence

High

EPSS

0

Percentile

10.3%