Metric | Value |
---|---|
CVSS3 | 5.5 Medium |
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
AI Score | 5.7 Medium |
Confidence | High |
EPSS | 0.0004 Low |
Percentile | 10.0% |

GNU Binutils before 2.40 was discovered to contain a memory leak
vulnerability via the function find_abstract_instance in dwarf2.c.

Author | Note |
---|---|
seth-arnold | binutils isn’t safe for untrusted inputs. |
ccdm94 | binutils in bionic and earlier does not include commit 422f3d3d. In this commit, function ‘find_abstract_instance’ was included, and with it, the ‘DW_AT_decl_file’ case, which is where the memory leak occurs. The patch provided by upstream also fixes function ‘scan_unit_for_symbols’, which could also cause a memory leak for similar reasons as the other function. Fixing ‘find_abstract_instance’ in bionic and earlier is not possible as the code being fixed is not present. Fixing ‘scan_unit_for_symbols’ would only introduce possibly undefined behavior, as the patch frees a variable that in bionic and earlier, is not initialized by ‘find_abstract_instance’ and is not initialized by the alternative there present, ‘find_abstract_instance_name’, that doesn’t even consider a filename for an argument. |