Lucene search

K
cvelistMitreCVELIST:CVE-2020-35448
HistoryDec 27, 2020 - 3:38 a.m.

CVE-2020-35448

2020-12-2703:38:54
mitre
www.cve.org
9
binary file descriptor
heap-based buffer over-read
gnu binutils

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

40.6%

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.