[ubuntu/kinetic-security] binutils 2.39-3ubuntu1.2 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Wed May 24 09:15:04 UTC 2023
binutils (2.39-3ubuntu1.2) kinetic-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow vulnerability
- debian/patches/CVE-2023-1579.patch: Fix a potential illegal memory
access in the BFD library when parsing a corrupt DWARF file.
- debian/patches/CVE-2023-1972.patch: Fix an illegal memory access
when an accessing a zer0-lengthverdef table.
- CVE-2023-1579
- CVE-2023-1972
* SECURITY UPDATE: out-of-bound read vulnerability
- debian/patches/CVE-2023-25584.patch: Lack of bounds checking in
vms-alpha.c parse_module
- CVE-2023-25584
* SECURITY UPDATE: segmentation fault due to uninitialized `file_table`
- debian/patches/CVE-2023-25585.patch: Use bfd_zmalloc to alloc
file_table
- CVE-2023-25585
* SECURITY UPDATE: segmentation fault due to uninitialized `the_bfd`
- debian/patches/CVE-2023-25588.patch: Field `the_bfd` of `asymbol` is
uninitialised
- CVE-2023-25588
Date: 2023-05-22 12:20:09.101991+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/binutils/2.39-3ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list