Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu 22.10: USN-5762-1 Moderate: Binutils Code Execution Threat

ubuntu
Calendar Grey December 5, 2022
Dist Ubuntu Esm H88
Take immediate action on Ubuntu Security Notice USN-5762-1 concerning the binutils flaw to avert potential exploits.
GNU binutils could be made to crash or execute arbitrary code if it received a specially crafted COFF file.

Summary

GNU binutils could be made to crash or execute arbitrary code if it received

a specially crafted COFF file.

Software Description:

- binutils: GNU assembler, linker and binary utilities

Details:

It was discovered that GNU binutils incorrectly handled certain COFF files.

An attacker could possibly use this issue to cause a crash or execute

arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
  binutils                        2.39-3ubuntu1.1
  binutils-multiarch              2.39-3ubuntu1.1

Ubuntu 22.04 LTS:
  binutils                        2.38-4ubuntu2.1
  binutils-multiarch              2.38-4ubuntu2.1

Ubuntu 20.04 LTS:
  binutils                        2.34-6ubuntu1.4
  binutils-multiarch              2.34-6ubuntu1.4

Ubuntu 18.04 LTS:
  binutils                        2.30-21ubuntu1~18.04.8
  binutils-multiarch              2.30-21ubuntu1~18.04.8

Ubuntu 16.04 ESM:
  binutils                        2.26.1-1ubuntu1~16.04.8+esm5
  binutils-multiarch              2.26.1-1ubuntu1~16.04.8+esm5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5762-1

CVE-2022-38533

Severity
important
Lowest
Low
Medium
High
Critical

December 05, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.