CVE-2023-25586
- Source
- https://cve.org/CVERecord?id=CVE-2023-25586
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25586.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-25586
- Downstream
- Published
- 2023-09-14T21:15:10.240Z
- Modified
- 2026-03-13T22:51:37.700263Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in Binutils. A logic fail in the bfdinitsectiondecompressstatus function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.
- References
-
- https://access.redhat.com/security/cve/CVE-2023-25586
- https://security.netapp.com/advisory/ntap-20231103-0003/
- https://bugzilla.redhat.com/show_bug.cgi?id=2167502
- https://sourceware.org/bugzilla/show_bug.cgi?id=29855
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5830876a0cca17bef3b2d54908928e72cca53502
Affected packages
Git / sourceware.org/git/binutils-gdb.git
Affected versions
Other
binu_ss_19990502
binutils-2_40
gdb-10-branchpoint
gdb-11-branchpoint
gdb-12-branchpoint
gdb-13-branchpoint
gdb-4_18-branchpoint
gdb-9-branchpoint
gdb_5_2-branchpoint
gdb_5_3-branchpoint
gdb_6_0-branchpoint
gdb_6_1-branchpoint
gdb_6_2-branchpoint
gdb_6_3-branchpoint
gdb_6_4-branchpoint
gdb_6_5-branchpoint
gdb_6_6-branchpoint
gdb_6_7-branchpoint
gdb_6_8-branchpoint
gdb_7_0-branchpoint
gdb_7_1-branchpoint
gdb_7_2-branchpoint
gdb_7_3-branchpoint
gdb_7_4-branchpoint
gdb_7_5-branchpoint
gdb_7_6-branchpoint
readline_4_0
users/ARM/embedded-binutils-master-2016q4
users/ARM/embedded-binutils-master-2017q4
users/ARM/embedded-binutils-master-2018q4
users/ARM/embedded-gdb-master-2017q4
users/ARM/embedded-gdb-master-2018q4
gdb-7.*
gdb-7.10-branchpoint
gdb-7.11-branchpoint
gdb-7.12-branchpoint
gdb-7.7-branchpoint
gdb-7.8-branchpoint
gdb-7.9-branchpoint
gdb-8.*
gdb-8.0-branchpoint
gdb-8.1-branchpoint
gdb-8.2-branchpoint
gdb-8.3-branchpoint