Bug 2165857 (CVE-2023-22608) - CVE-2023-22608 binutils: objdump SEGV in concat_filename() at dwarf2.c:2060
Summary: CVE-2023-22608 binutils: objdump SEGV in concat_filename() at dwarf2.c:2060
Keywords:
Status: CLOSED DUPLICATE of bug 2188562
Alias: CVE-2023-22608
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: Embargoed2157097
TreeView+ depends on / blocked
 
Reported: 2023-01-31 09:33 UTC by Dhananjay Arunesh
Modified: 2023-04-21 07:57 UTC (History)
33 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-02-06 07:07:52 UTC

Attachments (Terms of Use)

Description Dhananjay Arunesh 2023-01-31 09:33:39 UTC 
A vulnerability was found in binutils where, objdump SEGV in concat_filename() at dwarf2.c:2060.

References:
https://sourceware.org/bugzilla/show_bug.cgi?id=29936
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8af23b30edbaedf009bc9b243cd4dfa10ae1ac09
Comment 1 Siddhesh Poyarekar 2023-01-31 11:14:43 UTC 
objdump is a standalone binary.  This is not a security issue, it's just a regular crash so please reject the CVE.
Comment 2 Siddhesh Poyarekar 2023-01-31 12:05:36 UTC 
This one is in libbfd, so it technically does qualify for a CVE.
Comment 6 Dhananjay Arunesh 2023-04-21 07:57:18 UTC 

*** This bug has been marked as a duplicate of bug 2188562 ***
Note You need to log in before you can comment on or make changes to this bug.