{"id":"CLSA-2023-1701293664","summary":"binutils: Fix of 7 CVEs","details":"- CVE-2021-45078: Fix out-of-bounds write in stab_xcoff_builtin_type\n- CVE-2021-46174: Fix buffer overflow in read_section_stabs_debugging_info\n- CVE-2022-44840: Fix possible heap buffer overflow in find_section_in_set() in readelf.c\n- CVE-2022-45703: Combine sanity checks, calculate element counts, not word\n  counts, fix typo\n- CVE-2022-47695: Test symbol flags to exclude section and synthetic symbols\n  before attempting to check flavour\n- CVE-2022-47696: Fix uninitialised field `the_bfd` of `asymbol`\n- CVE-2022-47673: Fix lack of bounds checking in vms-alpha.c","modified":"2026-05-27T11:33:54.255350339Z","published":"2023-11-29T21:34:28Z","upstream":["CVE-2021-45078","CVE-2021-46174","CVE-2022-44840","CVE-2022-45703","CVE-2022-47673","CVE-2022-47695","CVE-2022-47696"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2023-1701293664.html"}],"affected":[{"package":{"name":"binutils","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/binutils?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}},{"package":{"name":"binutils-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/binutils-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}},{"package":{"name":"binutils-gold","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/binutils-gold?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}},{"package":{"name":"cross-binutils-aarch64","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/cross-binutils-aarch64?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}},{"package":{"name":"cross-binutils-ppc64le","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/cross-binutils-ppc64le?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}},{"package":{"name":"cross-binutils-s390x","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/cross-binutils-s390x?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35.2-37.el9.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2023-1701293664.json"}}],"schema_version":"1.7.5"}