CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
23.7%
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.
Author | Note |
---|---|
seth-arnold | binutils isn’t safe for untrusted inputs. |
ccdm94 | the vulnerable code was introduced by commit 31d6c13d (v2.39). The vulnerable function was introduced by commit f67741e1 (v2.39). Therefore, jammy and earlier are not affected. |