Search for vulnerabilities
Vulnerability details: VCID-vw62-y6pg-aaag
Vulnerability ID VCID-vw62-y6pg-aaag
Aliases CVE-2022-48064
Summary GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-400 Uncontrolled Resource Consumption
CWE-770 Allocation of Resources Without Limits or Throttling
System Score Found at
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.0001 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00017 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-48064
cvssv3.1 0 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-48064
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-48064
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48064.json
https://api.first.org/data/v1/epss?cve=CVE-2022-48064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48064
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/
https://security.netapp.com/advisory/ntap-20231006-0008/
https://sourceware.org/bugzilla/show_bug.cgi?id=29922
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8f2c64de86bc3d7556121fe296dd679000283931
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8f2c64de86bc3d7556121fe296dd679000283931
2233958 https://bugzilla.redhat.com/show_bug.cgi?id=2233958
cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
CVE-2022-48064 https://nvd.nist.gov/vuln/detail/CVE-2022-48064
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48064
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48064
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.00508
EPSS Score 0.0001
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.