Packages
- binutils - GNU assembler, linker and binary utilities
Details
It was discovered that GNU binutils incorrectly handled certain DWARF
files. An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 22.10.
(CVE-2023-1579)
It was discovered that GNU binutils did not properly verify the version
definitions in zer0-lengthverdef table. An attacker could possibly use this
issue to cause a crash or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972)
It was discovered that GNU binutils did not properly validate the size of
length parameter in vms-alpha. An attacker could possibly use this issue to
cause a crash or access sensitive information. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10.
(
It was discovered that GNU binutils incorrectly handled certain DWARF
files. An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 22.10.
(CVE-2023-1579)
It was discovered that GNU binutils did not properly verify the version
definitions in zer0-lengthverdef table. An attacker could possibly use this
issue to cause a crash or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04. (CVE-2023-1972)
It was discovered that GNU binutils did not properly validate the size of
length parameter in vms-alpha. An attacker could possibly use this issue to
cause a crash or access sensitive information. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10.
(CVE-2023-25584)
It was discovered that GNU binutils did not properly initialized the
file_table field of struct module and the_bfd field of asymbol. An attacker
could possibly use this issue to cause a crash. This issue only affected
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2023-25585, CVE-2023-25588)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
23.04 lunar | binutils – 2.40-2ubuntu4.1 | ||
binutils-multiarch – 2.40-2ubuntu4.1 | |||
22.10 kinetic | binutils – 2.39-3ubuntu1.2 | ||
binutils-multiarch – 2.39-3ubuntu1.2 | |||
22.04 jammy | binutils – 2.38-4ubuntu2.2 | ||
binutils-multiarch – 2.38-4ubuntu2.2 | |||
20.04 focal | binutils – 2.34-6ubuntu1.5 | ||
binutils-multiarch – 2.34-6ubuntu1.5 | |||
18.04 bionic | binutils – 2.30-21ubuntu1~18.04.9 | ||
binutils-multiarch – 2.30-21ubuntu1~18.04.9 | |||
16.04 xenial | binutils – 2.26.1-1ubuntu1~16.04.8+esm6 | ||
binutils-multiarch – 2.26.1-1ubuntu1~16.04.8+esm6 | |||
14.04 trusty | binutils – 2.24-5ubuntu14.2+esm1 | ||
binutils-multiarch – 2.24-5ubuntu14.2+esm1 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.