| Snyk

Threat Intelligence

0.06% (29^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Memory Leak vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-RHEL9-GCCTOOLSET13GDB-6052920
published9 Nov 2023
disclosed21 Dec 2022

Report a new vulnerability Found a mistake?

Introduced: 21 Dec 2022

CVE-2022-48065 (opens in a new tab) CWE-401 (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:9.

NVD Description

Note: Versions mentioned in the description apply only to the upstream gcc-toolset-13-gdb package and not the gcc-toolset-13-gdb package as distributed by RHEL.

GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.

References

https://access.redhat.com/security/cve/CVE-2022-48065
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d28fbc7197ba0e021a43f873eff90b05dcdcff6a
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLZXZXFX2ZWTDU2QZUSZG36LZZVTKUVG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLZXZXFX2ZWTDU2QZUSZG36LZZVTKUVG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/
https://security.netapp.com/advisory/ntap-20231006-0008/
https://sourceware.org/bugzilla/show_bug.cgi?id=29925
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d28fbc7197ba0e021a43f873eff90b05dcdcff6a

Memory Leak The advisory has been revoked - it doesn't affect any version of package gcc-toolset-13-gdb (opens in a new tab)