5.5

CVE-2023-25585

Exploit

Field `file_table` of `struct module *module` is uninitialized

A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuBinutils Version2.40
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.292
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
secalert@redhat.com 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-457 Use of Uninitialized Variable

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://access.redhat.com/security/cve/CVE-2023-25585
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2167498
Patch
Exploit
Issue Tracking
https://security.netapp.com/advisory/ntap-20231103-0003/
https://sourceware.org/bugzilla/show_bug.cgi?id=29892
Patch
Exploit
Issue Tracking
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=65cf035b8dc1df5d8020e0b1449514a3c42933e7
Patch
Mailing List