CLSA-2023-1687795384

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1687795384

Upstream

CVE-2017-12450

CVE-2023-25584

CVE-2023-25585

CVE-2023-25588

Published

2023-06-26T16:03:09Z

Modified

2026-06-04T10:03:45.874530763Z

Summary

Fix CVE(s): CVE-2023-25584, CVE-2017-12450, CVE-2023-25588, CVE-2023-25585

Details

SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream
- debian/patches/CVE-2017-12450-1.patch: fix address violation errors
- debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs
- CVE-2017-12450
SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2023-25584.patch: lack of bounds checking in vms-alpha.c
- CVE-2023-25584
SECURITY UPDATE: segmentation fault due to uninitialized
- debian/patches/CVE-2023-25585.patch: field file_table of struct module is uninitialized
- CVE-2023-25585
SECURITY UPDATE: segmentation fault due to uninitialized
- debian/patches/CVE-2023-25588.patch: field the_bfd of asymbol is uninitialised
- CVE-2023-25588
Fix memory leaks and buffer overflow in vms-alpha.c
- debian/patches/vms-alpha-buffer-overflow-fix.patch: fix heap-based buffer overflow in buildmodulelist in vms-alpha.c
- debian/patches/vms-alpha-memory-leaks-fix.patch: fix memory leaks and buffer overflow in vms-alpha.c

References

https://errata.cloudlinux.com/ubuntu16_04-els/CLSA-2023-1687795384

Affected packages

TuxCare:Ubuntu:16.04

binutils

Package

Name: binutils
Purl: pkg:deb/tuxcare/binutils?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-aarch64-linux-gnu

Package

Name: binutils-aarch64-linux-gnu
Purl: pkg:deb/tuxcare/binutils-aarch64-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-alpha-linux-gnu

Package

Name: binutils-alpha-linux-gnu
Purl: pkg:deb/tuxcare/binutils-alpha-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-arm-linux-gnueabi

Package

Name: binutils-arm-linux-gnueabi
Purl: pkg:deb/tuxcare/binutils-arm-linux-gnueabi?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-arm-linux-gnueabihf

Package

Name: binutils-arm-linux-gnueabihf
Purl: pkg:deb/tuxcare/binutils-arm-linux-gnueabihf?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-dev

Package

Name: binutils-dev
Purl: pkg:deb/tuxcare/binutils-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-doc

Package

Name: binutils-doc
Purl: pkg:deb/tuxcare/binutils-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-hppa-linux-gnu

Package

Name: binutils-hppa-linux-gnu
Purl: pkg:deb/tuxcare/binutils-hppa-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-hppa64-linux-gnu

Package

Name: binutils-hppa64-linux-gnu
Purl: pkg:deb/tuxcare/binutils-hppa64-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-m68k-linux-gnu

Package

Name: binutils-m68k-linux-gnu
Purl: pkg:deb/tuxcare/binutils-m68k-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-mips-linux-gnu

Package

Name: binutils-mips-linux-gnu
Purl: pkg:deb/tuxcare/binutils-mips-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-mips64-linux-gnuabi64

Package

Name: binutils-mips64-linux-gnuabi64
Purl: pkg:deb/tuxcare/binutils-mips64-linux-gnuabi64?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-mips64el-linux-gnuabi64

Package

Name: binutils-mips64el-linux-gnuabi64
Purl: pkg:deb/tuxcare/binutils-mips64el-linux-gnuabi64?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-mipsel-linux-gnu

Package

Name: binutils-mipsel-linux-gnu
Purl: pkg:deb/tuxcare/binutils-mipsel-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-multiarch

Package

Name: binutils-multiarch
Purl: pkg:deb/tuxcare/binutils-multiarch?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-multiarch-dev

Package

Name: binutils-multiarch-dev
Purl: pkg:deb/tuxcare/binutils-multiarch-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-powerpc-linux-gnu

Package

Name: binutils-powerpc-linux-gnu
Purl: pkg:deb/tuxcare/binutils-powerpc-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-powerpc-linux-gnuspe

Package

Name: binutils-powerpc-linux-gnuspe
Purl: pkg:deb/tuxcare/binutils-powerpc-linux-gnuspe?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-powerpc64-linux-gnu

Package

Name: binutils-powerpc64-linux-gnu
Purl: pkg:deb/tuxcare/binutils-powerpc64-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-powerpc64le-linux-gnu

Package

Name: binutils-powerpc64le-linux-gnu
Purl: pkg:deb/tuxcare/binutils-powerpc64le-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-s390x-linux-gnu

Package

Name: binutils-s390x-linux-gnu
Purl: pkg:deb/tuxcare/binutils-s390x-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-sh4-linux-gnu

Package

Name: binutils-sh4-linux-gnu
Purl: pkg:deb/tuxcare/binutils-sh4-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-source

Package

Name: binutils-source
Purl: pkg:deb/tuxcare/binutils-source?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"

binutils-sparc64-linux-gnu

Package

Name: binutils-sparc64-linux-gnu
Purl: pkg:deb/tuxcare/binutils-sparc64-linux-gnu?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.26.1-1ubuntu1~16.04.10+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1687795384.json"