drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in GNU binutils
Name: |
Mehrere Probleme in GNU binutils |
|
ID: |
USN-6655-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS |
|
Datum: |
Mo, 26. Februar 2024, 22:47 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48065 |
|
Applikationen: |
binutils |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4377872134003975896== Content-Language: en-US Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------EFk7w6nG0eX2LL8aprcfnaXf"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------EFk7w6nG0eX2LL8aprcfnaXf Content-Type: multipart/mixed; boundary="------------G0PWMHgTyRCnKFxaqABVUd0t"; protected-headers="v1" From: Nick Galanis <nick.galanis@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <60868303-0d63-4462-9f37-cbcdb2ad9f5a@canonical.com> Subject: [USN-6655-1] GNU binutils vulnerabilities
--------------G0PWMHgTyRCnKFxaqABVUd0t Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6655-1 February 26, 2024
binutils vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in GNU binutils.
Software Description: - binutils: GNU assembler, linker and binary utilities
Details:
It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-47695)
It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-48063)
It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service. (CVE-2022-48065)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: binutils 2.38-4ubuntu2.6 binutils-multiarch 2.38-4ubuntu2.6
Ubuntu 20.04 LTS: binutils 2.34-6ubuntu1.9 binutils-multiarch 2.34-6ubuntu1.9
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6655-1 CVE-2022-47695, CVE-2022-48063, CVE-2022-48065
Package Information: https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.6 https://launchpad.net/ubuntu/+source/binutils/2.34-6ubuntu1.9
--------------G0PWMHgTyRCnKFxaqABVUd0t--
--------------EFk7w6nG0eX2LL8aprcfnaXf Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEE5rkwSLC9ntq84w397Dtram9gyMMFAmXcahEFAwAAAAAACgkQ7Dtram9gyMMh fAgAquO5rQweNAObhGhRe1AAdiIanga0JIVz8Nk1PlmGAaVasooDZ6UFRv0pRZJ34ecThCFzqEJg MtkDFFXUcbxOzsUk45YvGficw5zNTn87m3K+cXj380KhKK7695byTot+PIc6MAS+zfXlnVo1HscI rOxYP1NWNPJFiOvUG9HmdSl8eWVy88ZKH6l4BuAPwbmmPU2e+WwFeqHNlBbwoDYr3/eGQpuCOekY wFcf9wk9SPJ+077i6U757T2+TyUv5YBV2xpZjJ334fclOgrGFrqBq5+f7OXnPyJXk63gmANGLo11 LzdyJtgJ86iPveDY6RMSSXpaDe/rmB6GBLMQVNffPA== =3Pac -----END PGP SIGNATURE-----
--------------EFk7w6nG0eX2LL8aprcfnaXf--
--===============4377872134003975896== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============4377872134003975896==--
|
|
|
|