Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-16599

Опубликовано: 10 дек. 2020
Источник: redhat
CVSS3: 5.5

Описание

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

Отчет

binutils as shipped in Red Hat Developer Toolsets 9 and 10, Red Hat Enterprise Linux 8 BaseOS and GCC Toolsets 9 and 10, are all not affected by this flaw as it was introduced in a newer version of binutils code than shipped for BaseOS and the 9 toolsets, and already patched in the versions shipped with 10 toolsets.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5binutilsOut of support scope
Red Hat Enterprise Linux 5binutils220Out of support scope
Red Hat Enterprise Linux 6binutilsOut of support scope
Red Hat Enterprise Linux 7binutilsOut of support scope
Red Hat Enterprise Linux 8binutilsNot affected
Red Hat Enterprise Linux 8gcc-toolset-10-binutilsNot affected
Red Hat Enterprise Linux 8gcc-toolset-9-binutilsNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1906762binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-16599

CVSS3: 5.5
ubuntu
около 5 лет назад

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

nvd логотип

CVE-2020-16599

CVSS3: 5.5
nvd
около 5 лет назад

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

debian логотип

CVE-2020-16599

CVSS3: 5.5
debian
около 5 лет назад

A Null Pointer Dereference vulnerability exists in the Binary File Des ...

github логотип

GHSA-77qx-69hx-pmqh

CVSS3: 5.5
github
больше 3 лет назад

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

fstec логотип

BDU:2023-05793

CVSS3: 5.5
fstec
около 5 лет назад

Уязвимость библиотеки libbfd программного средства разработки GNU Binutils, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3