[ubuntu/jammy-updates] binutils 2.38-4ubuntu2.2 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed May 24 10:59:01 UTC 2023

binutils (2.38-4ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow vulnerability
    - debian/patches/CVE-2023-1972.patch: Fix an illegal memory access
      when an accessing a zer0-lengthverdef table.
    - CVE-2023-1972
  * SECURITY UPDATE: out-of-bound read vulnerability
    - debian/patches/CVE-2023-25584.patch: Lack of bounds checking in
      vms-alpha.c parse_module
    - CVE-2023-25584
  * SECURITY UPDATE: segmentation fault due to uninitialized `file_table`
    - debian/patches/CVE-2023-25585.patch: Use bfd_zmalloc to alloc
    - CVE-2023-25585
  * SECURITY UPDATE: segmentation fault due to uninitialized `the_bfd`
    - debian/patches/CVE-2023-25588.patch: Field `the_bfd` of `asymbol` is
    - CVE-2023-25588

Date: 2023-05-22 09:48:07.975612+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list