Lucene search

Alpine Linux Development TeamALPINE:CVE-2023-25588

HistorySep 14, 2023 - 9:15 p.m.

CVE-2023-25588

2023-09-1421:15:10

Alpine Linux Development Team

security.alpinelinux.org

binutils

uninitialized field

bfd_mach_o_get_synthetic_symtab

application crash

local denial of service

cve-2023-25588.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

10.3%

JSON

A flaw was found in Binutils. The field the_bfd of asymbolstruct is uninitialized in the bfd_mach_o_get_synthetic_symtab function, which may lead to an application crash and local denial of service.

OSVersionArchitecturePackageVersionFilename
Alpine3.18-mainnoarchbinutils= 2.40-r7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	3.18-main	noarch	binutils	= 2.40-r7	UNKNOWN

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

10.3%

JSON

Related for ALPINE:CVE-2023-25588