Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2022-48063
HistoryAug 22, 2023 - 12:00 a.m.

CVE-2022-48063

2023-08-2200:00:00
ubuntu.com
ubuntu.com
17
cve-2022-48063
gnu binutils
excessive memory consumption
load_separate_debug_files
dwarf2.c
crafted elf file
dns attack

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

GNU Binutils before 2.40 was discovered to contain an excessive memory
consumption vulnerability via the function load_separate_debug_files at
dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS
attack.

Bugs

Notes

Author Note
seth-arnold binutils isn’t safe for untrusted inputs.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchbinutils< 2.30-21ubuntu1~18.04.9+esm3UNKNOWN
ubuntu20.04noarchbinutils< 2.34-6ubuntu1.9UNKNOWN
ubuntu22.04noarchbinutils< 2.38-4ubuntu2.6UNKNOWN
ubuntu14.04noarchbinutils< 2.24-5ubuntu14.2+esm5UNKNOWN
ubuntu16.04noarchbinutils< 2.26.1-1ubuntu1~16.04.8+esm9UNKNOWN

Related

cvelist 1
veracode 1
nvd 1
debiancve 1
alpinelinux 1
prion 1
redhatcve 1
cve 1
osv 3
cloudfoundry 1
nessus 19
openvas 19
ubuntu 2
redos 1
photon 3
ibm 1
cvelist
cvelist
CVE-2022-48063
2023-08-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-08-31 20:28:43
nvd
nvd
CVE-2022-48063
2023-08-22 19:16:30
debiancve
debiancve
CVE-2022-48063
2023-08-22 19:16:30
alpinelinux
alpinelinux
CVE-2022-48063
2023-08-22 19:16:30
prion
prion
Memory corruption
2023-08-22 19:16:00
redhatcve
redhatcve
CVE-2022-48063
2023-08-23 19:45:31
cve
cve
CVE-2022-48063
2023-08-22 19:16:30
osv
osv
CVE-2022-48063
2023-08-22 19:16:30
binutils vulnerabilities
2024-02-26 10:13:22
binutils vulnerabilities
2023-10-04 17:09:59
cloudfoundry
cloudfoundry
USN-6655-1: GNU binutils vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : GNU binutils vulnerabilities (USN-6655-1)
2024-02-26 00:00:00
EulerOS Virtualization 2.9.1 : binutils (EulerOS-SA-2024-1029)
2024-01-16 00:00:00
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2023-3292)
2024-01-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6655-1)
2024-02-27 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2024-1029)
2024-01-05 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-3324)
2023-12-12 00:00:00
ubuntu
ubuntu
GNU binutils vulnerabilities
2024-02-26 00:00:00
GNU binutils vulnerabilities
2023-10-04 00:00:00
redos
redos
ROS-20231013-05
2023-10-13 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0096
2023-09-20 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0478
2023-09-25 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0031
2019-09-28 00:00:00
ibm
ibm
Security Bulletin: Order Management is subject to various OS vulnerabilites which could have allowed attacker various entry points into application.
2024-04-12 17:49:20

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON
Related for UB:CVE-2022-48063
cvelist1veracode1nvd1debiancve1alpinelinux1prion1redhatcve1cve1osv3cloudfoundry1nessus19openvas19ubuntu2redos1photon3ibm1