{"id":"CLSA-2026-1777059908","summary":"binutils: Fix of 4 CVEs","details":"- CVE-2022-47673: fix out-of-bounds reads in parse_module (bfd/vms-alpha.c),\n  combined backport of upstream commits c9178f28, 942fa4fb, 77c225bd, 65cf035b\n  and c093f5ee (patch also covers CVE-2023-25584)\n- CVE-2022-47695: fix segfault in objdump compare_symbols on synthetic plt symbols\n- CVE-2022-47696: fix out-of-bounds read in bfd/mach-o.c\n  bfd_mach_o_get_synthetic_symtab","modified":"2026-05-27T11:35:44.549149043Z","published":"2026-04-24T20:29:12Z","upstream":["CVE-2022-47673","CVE-2022-47695","CVE-2022-47696","CVE-2023-25584"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2026-1777059908.html"}],"affected":[{"package":{"name":"binutils","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/binutils?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.30-123.el8.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777059908.json"}},{"package":{"name":"binutils-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/binutils-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.30-123.el8.tuxcare.els10"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1777059908.json"}}],"schema_version":"1.7.5"}