CVE-2022-38533

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-38533
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38533.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-38533
Downstream
Related
Published
2022-08-26T00:15:09Z
Modified
2025-10-23T04:19:37.225408Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file.

References

Affected packages

Git / github.com/bminor/binutils-gdb

Affected ranges

Type
GIT
Repo
https://github.com/bminor/binutils-gdb
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
45d92439aebd0386ef8af76e1796d08cfe457e1d

Affected versions

Other

binu_ss_19990502
gdb-10-branchpoint
gdb-11-branchpoint
gdb-12-branchpoint
gdb-4_18-branchpoint
gdb-9-branchpoint
gdb_5_2-branchpoint
gdb_5_3-branchpoint
gdb_6_0-branchpoint
gdb_6_1-branchpoint
gdb_6_2-branchpoint
gdb_6_3-branchpoint
gdb_6_4-branchpoint
gdb_6_5-branchpoint
gdb_6_6-branchpoint
gdb_6_7-branchpoint
gdb_6_8-branchpoint
gdb_7_0-branchpoint
gdb_7_1-branchpoint
gdb_7_2-branchpoint
gdb_7_3-branchpoint
gdb_7_4-branchpoint
gdb_7_5-branchpoint
gdb_7_6-branchpoint
readline_4_0
users/ARM/embedded-binutils-master-2016q4
users/ARM/embedded-binutils-master-2017q4
users/ARM/embedded-binutils-master-2018q4
users/ARM/embedded-gdb-master-2017q4
users/ARM/embedded-gdb-master-2018q4

gdb-7.*

gdb-7.10-branchpoint
gdb-7.11-branchpoint
gdb-7.12-branchpoint
gdb-7.7-branchpoint
gdb-7.8-branchpoint
gdb-7.9-branchpoint

gdb-8.*

gdb-8.0-branchpoint
gdb-8.1-branchpoint
gdb-8.2-branchpoint
gdb-8.3-branchpoint

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d",
        "id": "CVE-2022-38533-030dfa08",
        "digest": {
            "length": 9712.0,
            "function_hash": "332413297776313448966524875052800052334"
        },
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "function": "rewrite_elf_program_header",
            "file": "bfd/elf.c"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d",
        "id": "CVE-2022-38533-4c4cde53",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "149029473871860548324480604998133952444",
                "217609173551310310701258569961425869215",
                "170149309778449397640395391321816418642",
                "276878819425846276782996098825930281545",
                "285342024254011459145580660705584373775",
                "193582763732123672908882155485252175318",
                "326545393905433237533783410738096202383",
                "171630553877019943542131362566125605853",
                "97151495383958162279592705099216122242",
                "159760987822494799654152448905034363825",
                "188447099707096283713517930329545344975",
                "115346637512579585538827543086618410391",
                "148958682375105540849438615245377036104",
                "334282771154434989938545715625292503862",
                "200470558747012186253083602013113789716",
                "317994894263218489511607831411065991293",
                "333576098762843076370116196683673772989",
                "113308214672171244127627810099081622751",
                "216289576259920944867562733480758742111",
                "6274354837222461728167765527342726382",
                "316589153563028815703021731002519531157",
                "211374570069147064785622022929958045782",
                "121978540467834153128969542617947311091",
                "233460274549642964130720797390166984736",
                "24227899525747664508550420050172022363",
                "43389512826083450321666401899542578199",
                "78540512657816499386625671046541221854",
                "92405140721940736828365406635137012229",
                "195903870595619094245647509641833823164",
                "26018002126362956748985910057494202814",
                "60558764109962063115060689283559862721",
                "145785861773677525490143483071625857014",
                "69280688614020537965796673453902882072",
                "197104975362241622506738961307226177470",
                "109969443427133551028491353403782263251",
                "72587751977253068134479550431661761011",
                "216407608999525327096594962794988279519",
                "110958967916851349800709545673230176103",
                "135578896323735789101976436602008645630",
                "247134669159655148214506783203143417105",
                "116977621780461369488270776926728513871",
                "201277095123555800430218466625895133318",
                "101315680032148608188870605248272664788",
                "237995433699584636544982915281963615200",
                "166520691472516233675580165762862155569",
                "79889505944332871469079795904011162282",
                "277104911392485160768273061126561361984",
                "114031204288805461549170748968117852145",
                "257736362726639966511726425039544953975",
                "284958034674804224588748958336540923669",
                "78385707232226559543119066228460110850",
                "86803042968252157858487167231857858297",
                "279704641081398348362244377331773699264",
                "254804579316186167639938463686432729495",
                "156488139544942601607100351152523606018",
                "90095446267817960699953989043588858569",
                "54555557768444728467384872537941687139",
                "298674768123171383535595905414419997357",
                "298946376832001904026207322183664534677",
                "328089739743281623750206950624881905373",
                "213455958317866953110615591475286009519",
                "90942058358003506028967061154097103033",
                "8540962996678207674336472683613923711",
                "109497982907299278275593735175649801020",
                "134298070700315138175877407222283195204",
                "289668094356811786687730422168093128680",
                "117255194439813766018291315382750188739",
                "306442360549080824806152076147541429863",
                "142096752717261487482346100774694954735",
                "29094393229654198769761434670410029958",
                "267310887969248375746584359932751213812",
                "182036334185516183399357340594074903760",
                "76741422175086959351862212554688381890",
                "215028612319009771390928586774464870573",
                "114061119311383887559342956675820194912",
                "174320445088955438644943171046813931213"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "bfd/elf.c"
        },
        "signature_type": "Line"
    }
]

Git / github.com/bminor/binutils-gdb

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/binutils-gdb.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected