Lucene search

K
redhatcveRedhat.comRH:CVE-2022-48064
HistoryAug 23, 2023 - 8:15 p.m.

CVE-2022-48064

2023-08-2320:15:33
redhat.com
access.redhat.com
20
memory consumption
vulnerability
gnu binutils
denial of service
elf file

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

An excessive memory consumption vulnerability was identified in GNU Binutils, specifically in the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. An attacker could exploit this by providing a crafted ELF file, potentially leading to a denial of service attack through excessive memory usage.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%