drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in GNU binutils
Name: |
Mehrere Probleme in GNU binutils |
|
ID: |
USN-6101-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, Ubuntu 23.04, Ubuntu 16.04 LTS (Available with Ubuntu Pro), Ubuntu 14.04 LTS (Available with Ubuntu Pro) |
|
Datum: |
Mi, 24. Mai 2023, 23:21 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25586
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25584
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25588 |
|
Applikationen: |
binutils |
|
Originalnachricht |
--===============2117606872147292698== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qjj7kkjgcaqo4kzi" Content-Disposition: inline
--qjj7kkjgcaqo4kzi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-6101-1 May 24, 2023
binutils vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04 - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in GNU binutils.
Software Description: - binutils: GNU assembler, linker and binary utilities
Details:
It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. (CVE-2023-1579)
It was discovered that GNU binutils did not properly verify the version definitions in zer0-lengthverdef table. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972)
It was discovered that GNU binutils did not properly validate the size of length parameter in vms-alpha. An attacker could possibly use this issue to cause a crash or access sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-25584)
It was discovered that GNU binutils did not properly initialized the file_table field of struct module and the_bfd field of asymbol. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-25585, CVE-2023-25586)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04: binutils 2.40-2ubuntu4.1 binutils-multiarch 2.40-2ubuntu4.1
Ubuntu 22.10: binutils 2.39-3ubuntu1.2 binutils-multiarch 2.39-3ubuntu1.2
Ubuntu 22.04 LTS: binutils 2.38-4ubuntu2.2 binutils-multiarch 2.38-4ubuntu2.2
Ubuntu 20.04 LTS: binutils 2.34-6ubuntu1.5 binutils-multiarch 2.34-6ubuntu1.5
Ubuntu 18.04 LTS: binutils 2.30-21ubuntu1~18.04.9 binutils-multiarch 2.30-21ubuntu1~18.04.9
Ubuntu 16.04 LTS (Available with Ubuntu Pro): binutils 2.26.1-1ubuntu1~16.04.8+esm6 binutils-multiarch 2.26.1-1ubuntu1~16.04.8+esm6
Ubuntu 14.04 LTS (Available with Ubuntu Pro): binutils 2.24-5ubuntu14.2+esm1 binutils-multiarch 2.24-5ubuntu14.2+esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6101-1 CVE-2023-1579, CVE-2023-1972, CVE-2023-25584, CVE-2023-25585, CVE-2023-25588
Package Information: https://launchpad.net/ubuntu/+source/binutils/2.40-2ubuntu4.1 https://launchpad.net/ubuntu/+source/binutils/2.39-3ubuntu1.2 https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.2 https://launchpad.net/ubuntu/+source/binutils/2.34-6ubuntu1.5 https://launchpad.net/ubuntu/+source/binutils/2.30-21ubuntu1~18.04.9
--qjj7kkjgcaqo4kzi Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEs16801xnF7wK3rCK7Ic6ztRocjwFAmRt9gkACgkQ7Ic6ztRo cjy85gwAgkW2rsJOhAVaRi1445addkhWUv9GIglVCiWwn7n+oG6ouy+Wg/zROX7j VXbXjWF/LLP1xBIzfWzywMEeF9VrUHjXm5H/dct5KDsfSKp3MgT4RHMczAQFA3Vf zb7b0YBkwEZLEeCi96bAVKHSZqZLQa8OQd7Uzs44VYFZaGK3VhPoHObKmO7wgzKs IYziMO4mnl59DapkqzFy33Ompw4W3zt/yxhgHKnKViXjctFhPPmtKQHfk5vRIh97 Y0K7pkNR7qOfU+jsVsuJ8yC8pMtSNJ6DDCkECjy9XgbNC5484Kn17baKgQ8b/WZR GtE9deBRpPAi3PhZMVB6auVt2tiHzQlHSM1jV9cYlIm1gSPOEvyxuf9TyCQaqn6B s0YumXYXZTGbTmlbiVcjUm9/iashj84PqjLnxXWeTajv8TYtmUu5q/08Hca5vTVx 51RHszD7qyg3g379CAQay28Z+zYgTMw8UTBp0NvKaT4WC5VhuvnSvfOJ1dpt6jqs Q01IJc+n =fM77 -----END PGP SIGNATURE-----
--qjj7kkjgcaqo4kzi--
--===============2117606872147292698== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
--===============2117606872147292698==--
|
|
|
|