Lucene search
K

6 matches found

CVE
CVE
added 2020/12/27 3:38 a.m.217 views

CVE-2020-35448

CVE-2020-35448 affects GNU Binutils’ libbfd in CP4S (Binary File Descriptor) integration. The issue is a heap-based buffer over-read in bfd_getl_signed_32 in libbfd.c caused by lack of validation of sh_entsize in _bfd_elf_slurp_secondary_reloc_section() in elf.c, which can crash the application (...

4.3CVSS5.1AI score0.01278EPSS
CVE
CVE
added 2020/12/09 9:5 p.m.170 views

CVE-2020-16592

CVE-2020-16592 concerns a use-after-free in the Binary File Descriptor (libbfd) within GNU Binutils 2.34. The vulnerability is triggered in the function bfd_hash_lookup (as used by nm-new), leading to a denial of service via a crafted file. The connected documents identify the affected component ...

5.5CVSS5.5AI score0.01046EPSS
CVE
CVE
added 2020/12/09 9:6 p.m.168 views

CVE-2020-16599

CVE-2020-16599 concerns a NULL pointer dereference in the GNU Binutils library (libbfd) distributed with Binutils 2.35, specifically in _bfd_elf_get_symbol_version_string used by nm-new, which can cause a denial of service via a crafted ELF file. The connected Nessus entries note an “illegal memo...

5.5CVSS5.4AI score0.01042EPSS
CVE
CVE
added 2020/12/09 9:5 p.m.126 views

CVE-2020-16590

Technical details about CVE-2020-16590 are not publicly provided in the connected documents. The initial description notes a double-free in GNU Binutils 2.35 BFD/process_symbol_table, but no further specifics (affected products/versions) are given here. Monitor for updates.

5.5CVSS5.7AI score0.00943EPSS
CVE
CVE
added 2020/12/09 9:5 p.m.120 views

CVE-2020-16591

CVE-2020-16591 : A Denial of Service in the Binary File Descriptor (BFD) of GNU Binutils 2.35 is caused by an invalid read in process_symbol_table (readeif). The description confirms the affected product and root cause and notes a DoS impact. No public details about exploitation methods, affected...

5.5CVSS5.7AI score0.00884EPSS
CVE
CVE
added 2020/12/09 9:6 p.m.118 views

CVE-2020-16593

CVE-2020-16593 is a Null Pointer Dereference in the Binary File Descriptor (BFD) library (libbfd) as distributed in GNU Binutils 2.35, in scan_unit_for_symbols (addr2line demonstrated), leading to denial of service via a crafted file. Connected sources confirm the issue exists in Binutils compone...

5.5CVSS5.5AI score0.01181EPSS