Search for vulnerabilities
Vulnerability details: VCID-q8v6-kzjc-aaaa
Vulnerability ID VCID-q8v6-kzjc-aaaa
Aliases CVE-2022-48063
Summary GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-400 Uncontrolled Resource Consumption
System Score Found at
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00018 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
epss 0.00049 https://api.first.org/data/v1/epss?cve=CVE-2022-48063
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-48063
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-48063
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48063.json
https://api.first.org/data/v1/epss?cve=CVE-2022-48063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48063
https://security.netapp.com/advisory/ntap-20231006-0008/
https://sourceware.org/bugzilla/show_bug.cgi?id=29924
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd
2233949 https://bugzilla.redhat.com/show_bug.cgi?id=2233949
cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*
CVE-2022-48063 https://nvd.nist.gov/vuln/detail/CVE-2022-48063
USN-6413-1 https://usn.ubuntu.com/6413-1/
USN-6655-1 https://usn.ubuntu.com/6655-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48063
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48063
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.00562
EPSS Score 0.0001
Published At April 11, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.