[ubuntu/jammy-security] binutils 2.38-4ubuntu2.6 (Accepted)

Nick Galanis nick.galanis at canonical.com
Mon Feb 26 10:02:02 UTC 2024

binutils (2.38-4ubuntu2.6) jammy-security; urgency=medium

  * SECURITY UPDATE: segmentation fault in objdump.c compare_symbols
    - debian/patches/CVE-2022-47695.patch: test symbol flags to exclude
      section and synthetic symbols before attempting to check flavour
    - CVE-2022-47695 
  * SECURITY UPDATE: excessive memory allocation in objdump.c
    - debian/patches/CVE-2022-48063.patch: check that the amount of memory to
      be allocated matches the size of the section
    - CVE-2022-48063
  * SECURITY UPDATE: Memory leak in find_abstract_instance in dwarf2.c
    - debian/patches/CVE-2022-48065.patch: remove memory leaks due to double
      allocation of the name variable, and free memory before re-assigning a
      new naming variable
    - CVE-2022-48065

Date: 2024-01-30 18:03:23.864351+00:00
Changed-By: Nick Galanis <nick.galanis at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list