[USN-6160-1] GNU binutils vulnerability

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jun 13 19:03:09 UTC 2023

Ubuntu Security Notice USN-6160-1
June 13, 2023

binutils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS


GNU binutils could be made to crash or run programs if it opened a
specially crafted file.

Software Description:
- binutils: GNU assembler, linker and binary utilities


It was discovered that GNU binutils incorrectly performed bounds checking
operations when parsing stabs debugging information. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   binutils                        2.34-6ubuntu1.6
   binutils-multiarch              2.34-6ubuntu1.6

In general, a standard system update will make all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20230613/e96d2a9e/attachment.sig>

More information about the ubuntu-security-announce mailing list