Lucene search

K
cvelistRedhatCVELIST:CVE-2020-35496
HistoryJan 04, 2021 - 2:24 p.m.

CVE-2020-35496

2021-01-0414:24:21
CWE-476
redhat
www.cve.org
9
flaw
bfd_pef_scan_start_address
null pointer
dereference
binutils
objdump
crafted file
application availability
cve-2020-35496
vulnerability

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

48.7%

There’s a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

CNA Affected

[
  {
    "product": "binutils",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "binutils 2.34"
      }
    ]
  }
]