ubuntucve, Ubuntu.com, UB:CVE-2022-48065
History: Aug 22, 2023 - 12:00 a.m.

CVE-2022-48065

CVSS3: 5.5
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score: 5.7
Confidence: High

EPSS: 0
Percentile: 10.1%

GNU Binutils before 2.40 was discovered to contain a memory leak
vulnerability via the function find_abstract_instance in dwarf2.c.

Notes

| Author | Note |
| --- | --- |
| seth-arnold | binutils isn’t safe for untrusted inputs. |
| ccdm94 | binutils in bionic and earlier does not include commit 422f3d3d. In this commit, function ‘find_abstract_instance’ was included, and with it, the ‘DW_AT_decl_file’ case, which is where the memory leak occurs. The patch provided by upstream also fixes function ‘scan_unit_for_symbols’, which could also cause a memory leak for similar reasons as the other function. Fixing ‘find_abstract_instance’ in bionic and earlier is not possible as the code being fixed is not present. Fixing ‘scan_unit_for_symbols’ would only introduce possibly undefined behavior, as the patch frees a variable that in bionic and earlier, is not initialized by ‘find_abstract_instance’ and is not initialized by the alternative there present, ‘find_abstract_instance_name’, that doesn’t even consider a filename for an argument. |

| OS | Version | Architecture | Package | Version | Filename |
| --- | --- | --- | --- | --- | --- |
| ubuntu | 20.04 | noarch | binutils | < 2.34-6ubuntu1.9 | UNKNOWN |
| ubuntu | 22.04 | noarch | binutils | < 2.38-4ubuntu2.6 | UNKNOWN |
