CVE-2020-35496

2021-01-0414:24:21

CWE-476

redhat

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.6%

JSON

There’s a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

CNA Affected

[
  {
    "product": "binutils",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "binutils 2.34"
      }
    ]
  }
]