CVE-2023-25586

Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized

Published: 9/14/2023 Last updated: 2/13/2025 Reserved: 2/7/2023

A flaw was found in Binutils. A logic failure in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable, which can cause a crash and a local denial of service.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 4.7 | Medium | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |

Opam packages affected (3)

bap-std, clangml, conf-binutils

Products affected (27)

| Product | Vendor | Version |
|---|---|---|
| Fedora | Fedora | <= 5.4.* |
| Red Hat Enterprise Linux 6 | Red Hat | <= * |
| Fedora 37 | Fedora | <= 5.15.* |
| Red Hat Enterprise Linux 7 | Red Hat | < 6969367c1500c15eddc38fda12f6d15518ad6d03 |
| Red Hat Enterprise Linux 8 | Red Hat | < 1b45cc5c7b920fd8bf72e5a888ec7abeadf41e09 |
| Fedora 36 | Fedora | <= * |
| Red Hat Enterprise Linux 8 | Red Hat | 5.10 |
| Red Hat Enterprise Linux 8 | Red Hat | < 5.10 |
| Red Hat Enterprise Linux 8 | Red Hat | <= 5.15.* |
| Red Hat Enterprise Linux 9 | Red Hat | < 6af043089d3f1210776d19b6fdabea610d4c7699 |
| Red Hat Enterprise Linux 8 | Red Hat | <= 6.0.* |
| Red Hat Enterprise Linux 9 | Red Hat | < 75af03fdf35acf15a3977f7115f6b8d10dff4bc7 |
| Red Hat Enterprise Linux 9 | Red Hat | < f8d8fbd3b6d6cc3f25790cca5cffe8ded512fef6 |
| Red Hat Enterprise Linux 7 | Red Hat | < f234294812c9b68d603650d28743eafb718e7ad5 |
| Red Hat Enterprise Linux 8 | Red Hat | <= * |
| Fedora 36 | Fedora | < 355d2eca68c10d713a42f68e62044b3d1c300471 |
| Fedora 36 | Fedora | <= 6.1.* |
| Fedora 37 | Fedora | <= 5.10.* |
| Fedora 36 | Fedora | < f3d26a8589dfdeff328779b511f71fb90b10005e |
| Fedora 37 | Fedora | <= 6.0.* |
| Extra Packages for Enterprise Linux 8 | Fedora | < 810250c9c6616fe131099c0e51c61f2110ed07bf |
| Extra Packages for Enterprise Linux 7 | Fedora | < 5.3 |
| Fedora 36 | Fedora | < bdf1da5df9da680589a7f74448dd0a94dd3e1446 |
| Fedora 37 | Fedora | 5.3 |
| Fedora 36 | Fedora | < adf58bd4018fbcd990c62e840afd2f178eefad60 |
| Extra Packages for Enterprise Linux 8 | Fedora | < ee02fa4a71bdb95a444124e5c11eaa22f1f44738 |
| binutils | n/a | <= 5.18.* |

References (20)