SUSE: 2022:4277-1 Important: Binutils Fixes for Multiple Risks

suse

November 29, 2022

An update that solves 10 vulnerabilities, contains 10 features and has 5 fixes is now available

Summary

This update for binutils fixes the following issues: The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h (bsc#1142579). - CVE-2021-3530: Fixed stack-based buffer overflow in demangle_path() in rust-demangle.c (bsc#1185597). - CVE-2021-3648: Fixed infinite loop while demangling rust symbols (bsc#1188374). - CVE-2021-3826: Fixed heap/stack buffer overflow in the dlang_lname function in d-demangle.c (bsc#1202969). - CVE-2021-45078: Fixed out-of-bounds write in stab_xcoff_builtin_type() in stabs.c (bsc#1193929). - CVE-2021-46195: Fixed uncontrolled recursion in libiberty/rust-demangle.c (bsc#1194783). - CVE-2022-27943: Fixed stack exhaustion in demangle_const in (bsc#1197592).

Topics Covered

security advisory buffer overflow suse important fix stack overflow binutils

References

#1142579 #1185597 #1185712 #1188374 #1191473

#1191908 #1193929 #1194783 #1197592 #1198237

#1198458 #1202816 #1202966 #1202967 #1202969

PED-2029 PED-2030 PED-2031 PED-2032 PED-2033

PED-2034 PED-2035 PED-2038 SLE-25046 SLE-25047

Cross- CVE-2019-1010204 CVE-2021-3530 CVE-2021-3648

CVE-2021-3826 CVE-2021-45078 CVE-2021-46195

CVE-2022-27943 CVE-2022-38126 CVE-2022-38127

CVE-2022-38533

CVSS scores:

CVE-2019-1010204 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2019-1010204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2021-3530 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-3530 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CVE-2021-3648 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/U...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2022:4277-1

Rating: important

Topics Covered

security advisory buffer overflow suse important fix stack overflow binutils

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:4277-1 Important: Binutils Fixes for Multiple Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:4277-1 Important: Binutils Fixes for Multiple Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!