[ubuntu/jammy-security] binutils 2.38-4ubuntu2.2 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Wed May 24 09:15:05 UTC 2023
binutils (2.38-4ubuntu2.2) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow vulnerability
- debian/patches/CVE-2023-1972.patch: Fix an illegal memory access
when an accessing a zer0-lengthverdef table.
- CVE-2023-1972
* SECURITY UPDATE: out-of-bound read vulnerability
- debian/patches/CVE-2023-25584.patch: Lack of bounds checking in
vms-alpha.c parse_module
- CVE-2023-25584
* SECURITY UPDATE: segmentation fault due to uninitialized `file_table`
- debian/patches/CVE-2023-25585.patch: Use bfd_zmalloc to alloc
file_table
- CVE-2023-25585
* SECURITY UPDATE: segmentation fault due to uninitialized `the_bfd`
- debian/patches/CVE-2023-25588.patch: Field `the_bfd` of `asymbol` is
uninitialised
- CVE-2023-25588
Date: 2023-05-22 09:48:07.975612+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list