Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-35493

Опубликовано: 04 янв. 2021
Источник: debian
EPSS Низкий

Описание

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binutilsfixed2.33.50.20200107-1package

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=25307

  • https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2a3559d54602cecfec6d90f792be4a70ad918ab

  • binutils not covered by security support

EPSS

Процентиль: 45%
0.00227
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-35493

CVSS3: 5.5
ubuntu
около 5 лет назад

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

redhat логотип

CVE-2020-35493

CVSS3: 5.5
redhat
около 6 лет назад

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

nvd логотип

CVE-2020-35493

CVSS3: 5.5
nvd
около 5 лет назад

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

msrc логотип

CVE-2020-35493

CVSS3: 5.5
msrc
около 5 лет назад

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

github логотип

GHSA-w5g7-j55x-m535

CVSS3: 5.5
github
больше 3 лет назад

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

EPSS

Процентиль: 45%
0.00227
Низкий