CVE-2023-1972

SOURCE - nist

Summary

A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

EPSS Score⁠: 0.00048 (0.170)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-787⁠

Out-of-bounds Write

SOURCE - redhat

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-787⁠

Out-of-bounds Write

Sources (10)

Impacted images

debian

CREATED

1 year ago

UPDATED

8 months ago

SOURCE IDCVE-2023-1972⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
debian/binutils	deb	debian	12	>=2.40-2	Not yet available
debian/binutils	deb	debian	10	>=2.31.1-16	Not yet available
debian/binutils	deb	debian	13	<2.41-1	2.41-1
debian/binutils	deb	debian	unstable	<2.41-1	2.41-1
debian/binutils	deb	debian	11	>=2.35.2-2	Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

1 year ago

UPDATED

8 months ago

SOURCE IDCVE-2023-1972⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-787⁠

CVSS SCORE

6.5medium

alpine

CREATED

1 year ago

UPDATED

2 months ago

SOURCE IDCVE-2023-1972⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

1 year ago

UPDATED

21 days ago

SOURCE IDCVE-2023-1972⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5low

amazon

CREATED

5 months ago

UPDATED

4 months ago

SOURCE IDALAS-2024-2401⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

3 months ago

UPDATED

3 months ago

SOURCE IDALAS2023-2023-229⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

amazon

CREATED

5 months ago

UPDATED

4 months ago

SOURCE IDALAS2-2024-2401⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

redhat

CREATED

1 year ago

UPDATED

10 months ago

SOURCE IDCVE-2023-1972⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠CWE-787⁠

CVSS SCORE

2.5low

chainguard

CREATED

1 year ago

UPDATED

8 months ago

SOURCE ID

CVE-2023-1972

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE

wolfi

CREATED

1 year ago

UPDATED

8 months ago

SOURCE ID

CVE-2023-1972

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE