5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.8%
A memory consumption issue in get_data function in binutils/nm.c in GNU nm
before 2.34 allows attackers to cause a denial of service via crafted
command.
Author | Note |
---|---|
seth-arnold | binutils isn’t safe for untrusted inputs. |
launchpad.net/bugs/cve/CVE-2020-19724
nvd.nist.gov/vuln/detail/CVE-2020-19724
security-tracker.debian.org/tracker/CVE-2020-19724
sourceware.org/bugzilla/show_bug.cgi?id=25362
sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=805f38bc551de820bcd7b31d3c5731ae27cf853a
ubuntu.com/security/notices/USN-6381-1
www.cve.org/CVERecord?id=CVE-2020-19724