7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.9%
It was discovered that GNU binutils incorrectly handled certain DWARF
files. An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 22.10.
(CVE-2023-1579)
It was discovered that GNU binutils did not properly verify the version
definitions in zer0-lengthverdef table. An attacker could possibly use this
issue to cause a crash or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972)
It was discovered that GNU binutils did not properly validate the size of
length parameter in vms-alpha. An attacker could possibly use this issue to
cause a crash or access sensitive information. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10.
(CVE-2023-25584)
It was discovered that GNU binutils did not properly initialized the
file_table field of struct module and the_bfd field of asymbol. An attacker
could possibly use this issue to cause a crash. This issue only affected
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2023-25585, CVE-2023-25588)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.9%