USN-5762-1: GNU binutils vulnerability
5 December 2022
GNU binutils could be made to crash or execute arbitrary code if it received a specially crafted COFF file.
Releases
Packages
- binutils - GNU assembler, linker and binary utilities
Details
It was discovered that GNU binutils incorrectly handled certain COFF files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
Ubuntu 16.04
-
binutils-multiarch
-
2.26.1-1ubuntu1~16.04.8+esm5
Available with Ubuntu Pro
-
binutils
-
2.26.1-1ubuntu1~16.04.8+esm5
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6544-1: binutils-multiarch, binutils-x86-64-linux-gnu, binutils-hppa64-linux-gnu, binutils-i686-kfreebsd-gnu, binutils-common, binutils-x86-64-kfreebsd-gnu, binutils-multiarch-dev, binutils-arm-linux-gnueabihf, libbinutils, binutils, binutils-ia64-linux-gnu, binutils-for-build, binutils-s390x-linux-gnu, binutils-x86-64-linux-gnux32, binutils-static, binutils-i686-gnu, binutils-riscv64-linux-gnu, libctf0, binutils-for-host, binutils-i686-linux-gnu, binutils-sparc64-linux-gnu, binutils-dev, binutils-m68k-linux-gnu, libctf-nobfd0, binutils-powerpc64-linux-gnu, binutils-powerpc64le-linux-gnu, binutils-hppa-linux-gnu, binutils-arm-linux-gnueabi, binutils-aarch64-linux-gnu, binutils-source, binutils-powerpc-linux-gnu, binutils-doc, binutils-sh4-linux-gnu, binutils-alpha-linux-gnu