Veracode Vulnerability Database: VERACODE:30281
History: Apr 29, 2021 - 1:09 p.m.

Buffer Overflow

2021-04-29 13:09:42
sca.analysiscenter.veracode.com
Tags: mingw-w64-binutils, buffer overflow, heap-based, vulnerability, bfd_getl_signed_32, libbfd.c, _bfd_elf_slurp_secondary_reloc_section, elf.c, sh_entsize, software

EPSS: 0.001 (percentile: 40.6%)

mingw-w64-binutils is vulnerable to a buffer overflow. The vulnerability is a heap-based buffer over-read in bfd_getl_signed_32 in libbfd.c, which occurs because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
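
A simplified model of the missing sh_entsize check, added here as an illustration; it is not binutils code. The struct, EXPECTED_ENTSIZE, the function names and the sample bytes are constructed, and the model assumes the reader counts entries from the file-supplied sh_entsize while striding by a fixed entry size.

```c
#include <stddef.h>
#include <stdint.h>
#define EXPECTED_ENTSIZE 8u /* assumed on-disk size of one entry in this model */

/* Hypothetical stand-in for the two section-header fields read from the file. */
struct sec_hdr { size_t sh_size, sh_entsize; };

/* Constructed sample: two 8-byte entries whose addends are 5 and -2. */
static const unsigned char sample[16] = { 0, 0, 0, 0, 5, 0, 0, 0,
                                          0, 0, 0, 0, 0xfe, 0xff, 0xff, 0xff };

/* Little-endian signed 32-bit read; the caller guarantees 4 readable bytes. */
static int32_t getl_s32(const unsigned char *p)
{
    uint32_t v = p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
    return (int32_t)v;
}

/* Returns 0 when the header is consistent with the loaded buffer, else -1. */
int validate_sec_hdr(const struct sec_hdr *h, size_t buf_len)
{
    if (h->sh_entsize != EXPECTED_ENTSIZE) /* also rejects 0 before dividing */
        return -1;
    if (h->sh_size > buf_len)              /* section must fit what was loaded */
        return -1;
    return h->sh_size % h->sh_entsize ? -1 : 0; /* no trailing partial entry */
}

/* Sum the signed 32-bit addend at offset 4 of each entry; -1 means rejected. */
int sum_addends(const unsigned char *buf, size_t buf_len,
                const struct sec_hdr *h, int64_t *sum)
{
    if (validate_sec_hdr(h, buf_len) != 0)
        return -1;
    /* Unchecked, a small sh_entsize inflates count and the loop overruns buf. */
    size_t count = h->sh_size / h->sh_entsize;
    *sum = 0;
    for (size_t i = 0; i < count; i++)
        *sum += getl_s32(buf + i * EXPECTED_ENTSIZE + 4);
    return 0;
}

/* Run the reader over the sample; INT64_MIN signals a rejected header. */
int64_t sample_sum(size_t sh_size, size_t sh_entsize)
{
    struct sec_hdr h = { sh_size, sh_entsize };
    int64_t sum = 0;
    return sum_addends(sample, sizeof sample, &h, &sum) == 0 ? sum : INT64_MIN;
}
```

With the sample, a header of (16, 8) is accepted and sums to 3, while (16, 1), (16, 0), (24, 8) and (12, 8) are rejected before any entry is read.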