CVE-2023-25588

CVE	CVE-2023-25588
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-09-14 21:15:00 UTC
Updated	2023-11-07 04:09:00 UTC
Description	A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.

Problem Types: CWE-908

Type	Vendor	Product	Version	Update	Edition	Language
Application	Gnu	Binutils	2.40	All	All	All

Reference	Source	Link	Tags
2167505 – (CVE-2023-25588) CVE-2023-25588 binutils: Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`	MISC	bugzilla.redhat.com
September 2023 GNU Binutils 2.40 Vulnerabilities in NetApp Products \| NetApp Product Security	MISC	security.netapp.com
cve-details	MISC	access.redhat.com
sourceware.org Git - binutils-gdb.git/commit	MISC	sourceware.org
29677 – Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`	MISC	sourceware.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

199363 Ubuntu Security Notification for GNU binutils Vulnerabilities (USN-6101-1)
673194 EulerOS Security Update for binutils (EulerOS-SA-2023-2307)
673206 EulerOS Security Update for binutils (EulerOS-SA-2023-2327)
673229 EulerOS Security Update for binutils (EulerOS-SA-2023-2347)
673260 EulerOS Security Update for binutils (EulerOS-SA-2023-2373)
673349 EulerOS Security Update for binutils (EulerOS-SA-2023-2633)
673523 EulerOS Security Update for binutils (EulerOS-SA-2023-3114)
674079 EulerOS Security Update for binutils (EulerOS-SA-2023-2675)
754877 SUSE Enterprise Linux Security Update for binutils (SUSE-SU-2023:3695-1)
754965 SUSE Enterprise Linux Security Update for binutils (SUSE-SU-2023:3825-1)