Lucene search

K
redosRedosROS-20231013-05
HistoryOct 13, 2023 - 12:00 a.m.

ROS-20231013-05

2023-10-1300:00:00
redos.red-soft.ru
14
memory leak
denial of service
excessive memory consumption
remote exploitation
gnu software development
dns attack
elf file crafting
unix

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

17.0%

Vulnerability of pr_function_type function in prdbg.c file of GNU Binutils development tool
is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service

A vulnerability in the parse_stab_struct_fields function of the GNU development tool is associated with a memory release error.
memory release error. Exploitation of the vulnerability could allow an attacker to cause a denial of service

A vulnerability in the bfd_dwarf2_find_nearest_line_with_alt function in dwarf2.c of the GNU software development tool
Binutils is associated with excessive memory consumption. Exploiting the vulnerability could allow an attacker,
acting remotely, provide a crafted ELF file and trigger a DNS attack

Vulnerability in the find_abstract_instance function in dwarf2.c of the GNU Binutils development tool is related to a memory leak.
is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely,
cause a denial of service

Vulnerability of stab_demangle_v3_arg function in stabs.c of GNU Binutils software development tool is related to a memory leak.
with a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service

A vulnerability in the load_separate_debug_files function in dwarf2.c.c of the GNU Binutils software development tool
is related to excessive memory consumption. Exploitation of the vulnerability could allow an attacker,
acting remotely, to provide a crafted ELF file and cause a DNS attack

A vulnerability in the make_tempdir and make_tempname functions in bucomm.c of the GNU Binutils development tool
is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of
service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64binutils< 2.40-9UNKNOWN

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

17.0%