Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-35448

Опубликовано: 27 дек. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 3.3

Описание

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

2.35.50.20201210-0ubuntu2
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
groovy

not-affected

2.35.1-1ubuntu1
precise/esm

not-affected

code not present
trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 34%
0.00132
Низкий

4.3 Medium

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-35448

CVSS3: 3.3
redhat
больше 5 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

nvd логотип

CVE-2020-35448

CVSS3: 3.3
nvd
почти 5 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

debian логотип

CVE-2020-35448

CVSS3: 3.3
debian
почти 5 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (a ...

github логотип

GHSA-r2cj-jqqc-j833

CVSS3: 3.3
github
больше 3 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

fstec логотип

BDU:2023-05790

CVSS3: 3.3
fstec
почти 5 лет назад

Уязвимость библиотеки libbfd программного средства разработки GNU Binutils, связанная с чтением за границами буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 34%
0.00132
Низкий

4.3 Medium

CVSS2

3.3 Low

CVSS3