Out-of-Bounds The advisory has been revoked - it doesn't affect any version of package binutils Open this link in a new tab

Threat Intelligence

EPSS 0.05% (19^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-CENTOS8-BINUTILS-3370828
published 24 Mar 2023
disclosed 11 Jan 2023

Report a new vulnerability Found a mistake?

Introduced: 11 Jan 2023

CVE-2023-1579 Open this link in a new tab CWE-119 Open this link in a new tab CWE-787 Open this link in a new tab

Amendment

The Centos security team deemed this advisory irrelevant for Centos:8.

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Centos.

Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.

References

https://access.redhat.com/security/cve/CVE-2023-1579
https://sourceware.org/bugzilla/show_bug.cgi?id=29988
https://security.netapp.com/advisory/ntap-20230511-0009/
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11d171f1910b508a81d21faa087ad1af573407d8
https://security.gentoo.org/glsa/202309-15
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=11d171f1910b508a81d21faa087ad1af573407d8