CVE-2023-25584

CVE-2023-25584

Name

CVE-2023-25584

Description

An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://access.redhat.com/security/cve/CVE-2023-25584
MISC	https://bugzilla.redhat.com/show_bug.cgi?id=2167467
MISC	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44
MISC	https://security.netapp.com/advisory/ntap-20231103-0002/

Type

URI

MISC

https://access.redhat.com/security/cve/CVE-2023-25584

MISC

https://bugzilla.redhat.com/show_bug.cgi?id=2167467

MISC

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44

MISC

https://security.netapp.com/advisory/ntap-20231103-0002/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:gnu:binutils:-:::::::*`	binutils	== None	== -
`cpe:2.3:a:gnu:binutils::::::::`	binutils	>= None	< 2.40

CPE URI

Source package

Min version

Max version

cpe:2.3:a:gnu:binutils:-:*:*:*:*:*:*:*

binutils

== None

== -

cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*

binutils

>= None

< 2.40

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
binutils	edge-main	2.39-r3	Ariadne Conill <ariadne@dereferenced.org>	possibly vulnerable
binutils	edge-main	2.39-r2	Ariadne Conill <ariadne@dereferenced.org>	possibly vulnerable
binutils	edge-main	2.39-r1	Ariadne Conill <ariadne@dereferenced.org>	possibly vulnerable
binutils	edge-main	2.39-r0	None	possibly vulnerable
binutils	edge-main	2.35.2-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
binutils	edge-main	2.35.2-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
binutils	edge-main	2.32-r0	None	possibly vulnerable
binutils	edge-main	2.28-r1	None	possibly vulnerable
binutils	3.22-main	2.39-r2	None	possibly vulnerable
binutils	3.22-main	2.39-r0	None	possibly vulnerable
binutils	3.22-main	2.35.2-r1	None	possibly vulnerable
binutils	3.22-main	2.32-r0	None	possibly vulnerable
binutils	3.22-main	2.28-r1	None	possibly vulnerable
binutils	3.21-main	2.39-r2	None	possibly vulnerable
binutils	3.21-main	2.39-r0	None	possibly vulnerable
binutils	3.21-main	2.35.2-r1	None	possibly vulnerable
binutils	3.21-main	2.32-r0	None	possibly vulnerable
binutils	3.21-main	2.28-r1	None	possibly vulnerable
binutils	3.20-main	2.39-r2	None	possibly vulnerable
binutils	3.20-main	2.39-r0	None	possibly vulnerable
binutils	3.20-main	2.35.2-r1	None	possibly vulnerable
binutils	3.20-main	2.32-r0	None	possibly vulnerable
binutils	3.20-main	2.28-r1	None	possibly vulnerable
binutils	3.19-main	2.39-r2	None	possibly vulnerable
binutils	3.19-main	2.39-r0	None	possibly vulnerable
binutils	3.19-main	2.35.2-r1	None	possibly vulnerable
binutils	3.19-main	2.32-r0	None	possibly vulnerable
binutils	3.19-main	2.28-r1	None	possibly vulnerable
binutils	3.17-main	2.39-r2	Ariadne Conill <ariadne@dereferenced.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

binutils

edge-main

2.39-r3

Ariadne Conill <ariadne@dereferenced.org>

possibly vulnerable

binutils

edge-main