Bug 2233980 (CVE-2022-47007) - CVE-2022-47007 binutils: memory leak in stab_demangle_v3_arg() in stabs.c
Summary: CVE-2022-47007 binutils: memory leak in stab_demangle_v3_arg() in stabs.c
Keywords:
Status: NEW
Alias: CVE-2022-47007
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2233981 2233982 2233983 2234165 2234166 2234167 2234168 2234169 2234170 2234171 2234172 2234173 2234174 2234175 2234176 2234177 2234178 2234179
Blocks: 2233947
TreeView+ depends on / blocked
 
Reported: 2023-08-23 20:18 UTC by Guilherme de Almeida Suckevicz
Modified: 2024-09-12 03:30 UTC (History)
35 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A memory leak was found in function stab_demangle_v3_arg in stabs.c in Binutils, allows local attacker to exploit the vulnerability using specially crafted file to cause Denial of Service.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2023-08-23 20:18:28 UTC
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=29254

Comment 1 Guilherme de Almeida Suckevicz 2023-08-23 20:20:06 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2233981]


Created gdb tracking bugs for this issue:

Affects: fedora-all [bug 2233982]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2233983]


Note You need to log in before you can comment on or make changes to this bug.