exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

CVE-2022-4285

Status Candidate

Overview

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

Related Files

Ubuntu Security Notice USN-6842-1
Posted Jun 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6842-1 - It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. This issue only affected Ubuntu 22.04 LTS. It was discovered that gdb incorrectly handled memory leading to a heap based buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-4285, CVE-2023-1972, CVE-2023-39128, CVE-2023-39129, CVE-2023-39130
SHA-256 | 6e5de4834e3a280deea1fc2358e98e78dfa33394d8ea2735107c8c05ed51dafd
Ubuntu Security Notice USN-6544-1
Posted Dec 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6544-1 - It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-19726, CVE-2022-35205, CVE-2022-38533, CVE-2022-4285
SHA-256 | 9f2d15cd39eb8aa25961b37f885531e1ac117b562c6ee00429e116f924ee59f1
Red Hat Security Advisory 2023-7394-01
Posted Nov 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7394-01 - An update for binutils is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4285
SHA-256 | 46970c8469ddba80ca17ba60c89e56c1547502aa32725b53826c71afd9cab02e
Red Hat Security Advisory 2023-6593-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6593-01 - An update for binutils is now available for Red Hat Enterprise Linux 9. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4285
SHA-256 | 7a09aa07f9f63c58027888c2722808e5f6a6aabbf723e45f017d87300be92a8d
Red Hat Security Advisory 2023-6236-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6236-01 - An update for binutils is now available for Red Hat Enterprise Linux 8. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4285
SHA-256 | 6159a177bdaeacd45d6c19f682a3b8650a38b16ed2d90f990212796a624405f6
Gentoo Linux Security Advisory 202309-15
Posted Oct 2, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202309-15 - Multiple vulnerabilities have been found in GNU Binutils, the worst of which could result in denial of service. Versions greater than or equal to 2.40 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2022-38126, CVE-2022-38127, CVE-2022-38128, CVE-2022-38533, CVE-2022-4285, CVE-2023-1579, CVE-2023-1972
SHA-256 | 86ddcc309764b6b66059868311e9f0b2422e461c8da2f228600256baa9c81ff0
Gentoo Linux Security Advisory 202305-32
Posted May 30, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-32 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.40.1 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2022-32885, CVE-2022-32886, CVE-2022-32888, CVE-2022-32891, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824, CVE-2022-42826, CVE-2022-42852, CVE-2022-42856, CVE-2022-42863, CVE-2022-42867, CVE-2022-46691
SHA-256 | 906ab1ece4af058a436e7f776c3157d7dbe079d880f2fc7014b44b4ea3fab838
Red Hat Security Advisory 2023-3269-01
Posted May 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3269-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-3826, CVE-2022-4285
SHA-256 | a289180fa7285e4d383b228c646180c2d4e702f9b90480dcf8cd3802e8af9b79
Red Hat Security Advisory 2023-2834-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2834-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32886, CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824, CVE-2022-42826, CVE-2022-42852, CVE-2022-42863, CVE-2022-42867, CVE-2022-46691, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699
SHA-256 | 6a679e9dc0d3212115b238f42e43baea6a5e8542be4f1c84823386414d8836cb
Red Hat Security Advisory 2023-2873-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2873-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include a null pointer vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-4285
SHA-256 | 2511429317e75ef67435d655c0c9a8627cffcaa58f29c2dd01de3bac59fa5fe3
Red Hat Security Advisory 2023-2256-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2256-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32886, CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824, CVE-2022-42826, CVE-2022-42852, CVE-2022-42863, CVE-2022-42867, CVE-2022-46691, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699
SHA-256 | c78b6b040671645ff6447422206821720744b5b0c57d3fee6c3de3b6593dcdbb
Apple Security Advisory 2023-01-23-3
Posted Jan 24, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-01-23-3 - iOS 12.5.7 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple, ios
advisories | CVE-2022-42856
SHA-256 | ca20c54235d1a4f84eeec3a278849a37e4ef1d9e2f491eaed9b3aa083fde48a7
libCoreEntitlements CEContextQuery Arbitrary Entitlement Returns
Posted Jan 13, 2023
Authored by Ivan Fratric, Google Security Research

On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.

tags | exploit, kernel
systems | apple, ios
advisories | CVE-2022-42855
SHA-256 | 9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Ubuntu Security Notice USN-5797-1
Posted Jan 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5797-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2022-42852, CVE-2022-46698
SHA-256 | 7d038cf5cf0d352110b29efd7ebf03b7f41defff9ed3da1235cfdddef29584cd
Red Hat Security Advisory 2023-0021-01
Posted Jan 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0021-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2022-42856
SHA-256 | 380feba1edc129a40491caee760575dd2da40706caf7f32c9ef7e91807e7c062
Red Hat Security Advisory 2023-0016-01
Posted Jan 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0016-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2022-42856
SHA-256 | 856ff1b00766475f24b08c50c63bdd2842a0f41702c155c94a49b75d00a796f3
Debian Security Advisory 5309-1
Posted Jan 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5309-1 - Vulnerabilities have been discovered in the WPE WebKit web engine. hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information. Various other issues have also been addressed.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700
SHA-256 | b6a4ddff8422c104447a74d4cd2afa4b8991b2e496ca694ad77acf12e52cc9e6
Debian Security Advisory 5308-1
Posted Jan 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5308-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution. KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. Multiple other issues were also addressed.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700
SHA-256 | 14928aa1c41eb7f7fba504e112497c87923df5cb9caf334ac3fa7072e2ab78aa
Apple Security Advisory 2022-12-13-9
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-9 - Safari 16.2 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2022-42852, CVE-2022-42856, CVE-2022-42863, CVE-2022-42867, CVE-2022-46691, CVE-2022-46692, CVE-2022-46696, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700
SHA-256 | 87491cf833b3a49e10aa9918314bf6489321d8e04cec6939d195cb3f70c77dc2
Apple Security Advisory 2022-12-13-8
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-8 - watchOS 9.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-40303, CVE-2022-40304, CVE-2022-42837, CVE-2022-42842, CVE-2022-42843, CVE-2022-42845, CVE-2022-42849, CVE-2022-42852, CVE-2022-42859, CVE-2022-42863, CVE-2022-42864, CVE-2022-42865, CVE-2022-42866, CVE-2022-42867
SHA-256 | cbfa8ceb09614901b4b0bb05115fb58ae50c3fb04ef6395b18e75c81436f174b
Apple Security Advisory 2022-12-13-7
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-7 - tvOS 16.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-40303, CVE-2022-40304, CVE-2022-42842, CVE-2022-42843, CVE-2022-42845, CVE-2022-42848, CVE-2022-42849, CVE-2022-42851, CVE-2022-42852, CVE-2022-42855, CVE-2022-42856, CVE-2022-42863, CVE-2022-42864, CVE-2022-42865
SHA-256 | 74ff4e02487d4bc615b6697e750a64c98e8fc416e7a5b739eed037fe127f069f
Apple Security Advisory 2022-12-13-5
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-5 - macOS Monterey 12.6.2 addresses bypass, code execution, and integer overflow vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2022-32942, CVE-2022-40303, CVE-2022-40304, CVE-2022-42821, CVE-2022-42840, CVE-2022-42841, CVE-2022-42842, CVE-2022-42845, CVE-2022-42854, CVE-2022-42855, CVE-2022-42861, CVE-2022-42864, CVE-2022-46689
SHA-256 | 79a709b247d426bc8ab1d7a71fb6c94fddc8ffaba7db1441df2a880027444228
Apple Security Advisory 2022-12-13-4
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-4 - macOS Ventura 13.1 addresses bypass, code execution, out of bounds access, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2022-24836, CVE-2022-29181, CVE-2022-32942, CVE-2022-32943, CVE-2022-42837, CVE-2022-42840, CVE-2022-42841, CVE-2022-42842, CVE-2022-42843, CVE-2022-42845, CVE-2022-42847, CVE-2022-42852, CVE-2022-42853, CVE-2022-42854
SHA-256 | b3bbef4a98914d0e5167d5e357e15f513f9d357c6df7cfdad446ecc8856061ac
Apple Security Advisory 2022-12-13-3
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-3 - iOS 16.1.2 addresses a code execution vulnerability.

tags | advisory, code execution
systems | apple, ios
advisories | CVE-2022-42856
SHA-256 | 3b5d9bba95f3634a64c2835668e5a726e2c51758bd9516987236fb25666d5d7f
Apple Security Advisory 2022-12-13-2
Posted Dec 22, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-12-13-2 - iOS 15.7.2 and iPadOS 15.7.2 addresses bypass, code execution, integer overflow, out of bounds write, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple, ios
advisories | CVE-2022-40303, CVE-2022-40304, CVE-2022-42837, CVE-2022-42840, CVE-2022-42846, CVE-2022-42848, CVE-2022-42852, CVE-2022-42855, CVE-2022-42856, CVE-2022-42861, CVE-2022-42864, CVE-2022-46689, CVE-2022-46691, CVE-2022-46692
SHA-256 | e526cdedd8ce35da09dee49922c773c4c21c09a4f4ffb9a56567d00adb6def9c
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close