How severe is CVE-2023-25586?

CVE-2023-25586 has a CVSS v3 score of 4.7 (MEDIUM).

CVE-2023-25586

Name: binutils
Author: gnu

4.7MEDIUM

A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.

发布于: 9/14/2023更新于: 11/21/2024

描述

A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.

AI分析AI驱动

受影响产品

gnubinutils

2.40

参考资料

https://access.redhat.com/security/cve/CVE-2023-25586
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2167502
ExploitIssue TrackingPatch
https://security.netapp.com/advisory/ntap-20231103-0003/
https://sourceware.org/bugzilla/show_bug.cgi?id=29855
ExploitIssue TrackingPatch
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502
Mailing ListPatch
https://access.redhat.com/security/cve/CVE-2023-25586
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2167502
ExploitIssue TrackingPatch
https://security.netapp.com/advisory/ntap-20231103-0003/
https://sourceware.org/bugzilla/show_bug.cgi?id=29855
ExploitIssue TrackingPatch
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502
Mailing ListPatch