OpenCVE

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Gnu	Binutils

Configuration 1 [-]

cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

No data.

References

Link	Providers
https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/
https://nvd.nist.gov/vuln/detail/CVE-2022-38533
https://security.gentoo.org/glsa/202309-15
https://security.netapp.com/advisory/ntap-20221104-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=29482
https://sourceware.org/bugzilla/show_bug.cgi?id=29482#c2
https://sourceware.org/bugzilla/show_bug.cgi?id=29495
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45d92439aebd0386ef8af76e1796d08cfe457e1d
https://www.cve.org/CVERecord?id=CVE-2022-38533

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-25T00:00:00

Updated: 2024-08-03T10:54:04.032Z

Reserved: 2022-08-22T00:00:00

Link: CVE-2022-38533

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-26T00:15:09.317

Modified: 2024-11-21T07:16:37.580

Link: CVE-2022-38533

Redhat

Severity : Low

Publid Date: 2022-08-13T00:00:00Z

Links: CVE-2022-38533 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38533", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-03T10:54:04.032Z", "dateReserved": "2022-08-22T00:00:00", "datePublished": "2022-08-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-09-30T09:06:12.239134"}, "descriptions": [{"lang": "en", "value": "In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482"}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482#c2"}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495"}, {"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45d92439aebd0386ef8af76e1796d08cfe457e1d"}, {"url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d"}, {"url": "https://security.netapp.com/advisory/ntap-20221104-0007/"}, {"name": "FEDORA-2022-19538a3732", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/"}, {"name": "FEDORA-2022-667ee398b1", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/"}, {"name": "GLSA-202309-15", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202309-15"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:54:04.032Z"}, "title": "CVE Program Container", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482", "tags": ["x_transferred"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482#c2", "tags": ["x_transferred"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495", "tags": ["x_transferred"]}, {"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45d92439aebd0386ef8af76e1796d08cfe457e1d", "tags": ["x_transferred"]}, {"url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20221104-0007/", "tags": ["x_transferred"]}, {"name": "FEDORA-2022-19538a3732", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/"}, {"name": "FEDORA-2022-667ee398b1", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/"}, {"name": "GLSA-202309-15", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202309-15"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DADBFA8-9024-42CE-B9EA-B80547E463A6", "versionEndIncluding": "2.39", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file."}, {"lang": "es", "value": "En GNU Binutils versiones anteriores a 2.4.0, se presenta un desbordamiento del b\u00fafer de la pila en la funci\u00f3n de error bfd_getl32 cuando es llamada desde la funci\u00f3n strip_main en strip-new por medio de un archivo dise\u00f1ado."}], "id": "CVE-2022-38533", "lastModified": "2024-11-21T07:16:37.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-26T00:15:09.317", "references": [{"source": "cve@mitre.org", "url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202309-15"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20221104-0007/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482#c2"}, {"source": "cve@mitre.org", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495"}, {"source": "cve@mitre.org", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45d92439aebd0386ef8af76e1796d08cfe457e1d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MTEHT3G6YKJ7F7MSGWYSI4UM3XBAYXZ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202309-15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20221104-0007/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29482#c2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45d92439aebd0386ef8af76e1796d08cfe457e1d"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "binutils: heap-based buffer overflow in bfd_getl32() when called by strip_main() in objcopy.c via a crafted file", "id": "2124569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124569"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-122", "details": ["In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.", "A vulnerability was found in the strip utility of binutils. An attacker able to convince a victim to process a specially crafted COFF file by the strip utility can lead to a heap-based buffer overflow, causing the utility to crash."], "mitigation": {"lang": "en:us", "value": "Do not process untrusted files with the strip utility."}, "name": "CVE-2022-38533", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gcc-toolset-10-binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gcc-toolset-11-binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gcc-toolset-12-binutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "binutils", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "gcc-toolset-12-binutils", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-08-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-38533\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38533"], "statement": "This issue is only triggered when a specially crafted COFF file is processed by the strip utility. The COFF file format is not used in Red Hat Enterprise Linux, the object file format used by default is ELF.", "threat_severity": "Low", "upstream_fix": "binutils 2.40"}