USN-6544-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-6544-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6544-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6544-1
Related
Published
2023-12-11T11:18:13.317090Z
Modified
2023-12-11T11:18:13.317090Z
Summary
binutils vulnerabilities
Details

It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-38533)

It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-4285, CVE-2020-19726, CVE-2021-46174)

It was discovered that GNU binutils contained a reachable assertion, which could lead to an intentional assertion failure when processing certain crafted DWARF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-35205)

References

Affected packages

Ubuntu:20.04:LTS / binutils

Package

Name
binutils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.34-6ubuntu1.7

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "binutils-i686-kfreebsd-gnu": "2.34-6ubuntu1.7",
            "binutils-common": "2.34-6ubuntu1.7",
            "binutils-i686-gnu": "2.34-6ubuntu1.7",
            "binutils-riscv64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-powerpc64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils": "2.34-6ubuntu1.7",
            "binutils-powerpc64le-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-i686-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-hppa64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-sparc64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-source": "2.34-6ubuntu1.7",
            "binutils-for-build": "2.34-6ubuntu1.7",
            "binutils-x86-64-kfreebsd-gnu": "2.34-6ubuntu1.7",
            "binutils-multiarch": "2.34-6ubuntu1.7",
            "binutils-for-host": "2.34-6ubuntu1.7",
            "binutils-m68k-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-dev": "2.34-6ubuntu1.7",
            "libctf-nobfd0": "2.34-6ubuntu1.7",
            "binutils-alpha-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-doc": "2.34-6ubuntu1.7",
            "binutils-arm-linux-gnueabi": "2.34-6ubuntu1.7",
            "binutils-powerpc-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-sh4-linux-gnu": "2.34-6ubuntu1.7",
            "libbinutils": "2.34-6ubuntu1.7",
            "binutils-s390x-linux-gnu": "2.34-6ubuntu1.7",
            "libctf0": "2.34-6ubuntu1.7",
            "binutils-x86-64-linux-gnux32": "2.34-6ubuntu1.7",
            "binutils-hppa-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-arm-linux-gnueabihf": "2.34-6ubuntu1.7",
            "binutils-aarch64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-x86-64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-ia64-linux-gnu": "2.34-6ubuntu1.7",
            "binutils-multiarch-dev": "2.34-6ubuntu1.7"
        }
    ]
}

Ubuntu:22.04:LTS / binutils

Package

Name
binutils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.38-4ubuntu2.4

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "binutils-i686-kfreebsd-gnu": "2.38-4ubuntu2.4",
            "binutils-common": "2.38-4ubuntu2.4",
            "binutils-i686-gnu": "2.38-4ubuntu2.4",
            "binutils-riscv64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-powerpc64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils": "2.38-4ubuntu2.4",
            "binutils-powerpc64le-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-i686-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-hppa64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-sparc64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-source": "2.38-4ubuntu2.4",
            "binutils-for-build": "2.38-4ubuntu2.4",
            "binutils-x86-64-kfreebsd-gnu": "2.38-4ubuntu2.4",
            "binutils-multiarch": "2.38-4ubuntu2.4",
            "binutils-for-host": "2.38-4ubuntu2.4",
            "binutils-m68k-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-dev": "2.38-4ubuntu2.4",
            "libctf-nobfd0": "2.38-4ubuntu2.4",
            "binutils-alpha-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-doc": "2.38-4ubuntu2.4",
            "binutils-arm-linux-gnueabi": "2.38-4ubuntu2.4",
            "binutils-powerpc-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-sh4-linux-gnu": "2.38-4ubuntu2.4",
            "libbinutils": "2.38-4ubuntu2.4",
            "binutils-s390x-linux-gnu": "2.38-4ubuntu2.4",
            "libctf0": "2.38-4ubuntu2.4",
            "binutils-x86-64-linux-gnux32": "2.38-4ubuntu2.4",
            "binutils-hppa-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-arm-linux-gnueabihf": "2.38-4ubuntu2.4",
            "binutils-aarch64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-x86-64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-ia64-linux-gnu": "2.38-4ubuntu2.4",
            "binutils-multiarch-dev": "2.38-4ubuntu2.4"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / binutils

Package

Name
binutils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.24-5ubuntu14.2+esm6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binutils-dev": "2.24-5ubuntu14.2+esm6",
            "binutils-source": "2.24-5ubuntu14.2+esm6",
            "binutils": "2.24-5ubuntu14.2+esm6",
            "binutils-doc": "2.24-5ubuntu14.2+esm6",
            "binutils-multiarch": "2.24-5ubuntu14.2+esm6",
            "binutils-multiarch-dev": "2.24-5ubuntu14.2+esm6",
            "binutils-static": "2.24-5ubuntu14.2+esm6"
        }
    ]
}