Lucene search
HistorySep 14, 2023 - 9:15 p.m.
CVE-2023-25584
cve-2023-25584
out-of-bounds read
parse_module function
binutils
nvd
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.1%
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
Affected configurations
Node
gnubinutilsRange<2.40
| CPE | Name | Operator | Version |
|---|---|---|---|
| gnu:binutils | gnu binutils | lt | 2.40 |
CNA Affected
[
{
"product": "binutils",
"vendor": "n/a",
"defaultStatus": "affected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "binutils",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "binutils",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "binutils",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-11-binutils",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-11-gdb",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-12-binutils",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-12-gdb",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "binutils",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-12-binutils",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "gcc-toolset-12-gdb",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"product": "Extra Packages for Enterprise Linux 8",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "radare2",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 37",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "binutils",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 36",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "radare2",
"defaultStatus": "unaffected"
},
{
"product": "Fedora",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "binutils",
"defaultStatus": "unaffected"
},
{
"product": "Extra Packages for Enterprise Linux 7",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "radare2",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 37",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "mingw-binutils",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 37",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "radare2",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 36",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "insight",
"defaultStatus": "unaffected"
},
{
"product": "Extra Packages for Enterprise Linux 8",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "rizin",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 36",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "binutils",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 36",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "rizin",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 36",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "mingw-binutils",
"defaultStatus": "unaffected"
},
{
"product": "Fedora 37",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "insight",
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
openvas
openvas
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-2950)
2023-10-13 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-2931)
2023-10-10 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-3048)
2023-10-31 00:00:00
nvd
nvd
CVE-2023-25584
2023-09-14 21:15:10
nessus
nessus
EulerOS Virtualization 2.11.1 : binutils (EulerOS-SA-2023-3048)
2024-01-16 00:00:00
EulerOS Virtualization 2.10.0 : binutils (EulerOS-SA-2023-2931)
2024-01-16 00:00:00
EulerOS 2.0 SP10 : binutils (EulerOS-SA-2023-2779)
2024-01-16 00:00:00
redhatcve
redhatcve
CVE-2023-25584
2023-02-07 19:27:03
veracode
veracode
Out-of-Bounds Read
2023-10-09 13:17:55
ubuntucve
ubuntucve
CVE-2023-25584
2023-02-15 00:00:00
CVE-2022-47673
2023-08-22 00:00:00
prion
prion
Design/Logic Flaw
2023-09-14 21:15:00
osv
osv
CVE-2023-25584
2023-09-14 21:15:10
binutils vulnerabilities
2023-05-24 08:57:00
alpinelinux
alpinelinux
CVE-2023-25584
2023-09-14 21:15:10
debiancve
debiancve
CVE-2023-25584
2023-09-14 21:15:10
ubuntu
ubuntu
GNU binutils vulnerabilities
2023-05-24 00:00:00
cloudfoundry
cloudfoundry
USN-6101-1: GNU binutils vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0604
2023-06-27 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0060
2023-07-29 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0087
2023-09-06 00:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.1%
Related for CVE-2023-25584