Vulnerabilities > CVE-2020-35493

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

NVD

Published: 2021-01-04

Updated: 2024-11-21

Summary

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Binutils - GNU Binutils 2.6 GNU Binutils 2.7 GNU Binutils 2.8 GNU Binutils 2.8.1 GNU Binutils 2.9 GNU Binutils 2.9.1 GNU Binutils 2.10 GNU Binutils 2.10.1 GNU Binutils 2.10.1A GNU Binutils 2.11 GNU Binutils 2.11.1 GNU Binutils 2.11.2 GNU Binutils 2.11.2A GNU Binutils 2.12 GNU Binutils 2.12.1 GNU Binutils 2.12.1A GNU Binutils 2.13 GNU Binutils 2.13.1 GNU Binutils 2.13.2 GNU Binutils 2.13.2.1 GNU Binutils 2.13.2.1A GNU Binutils 2.14 GNU Binutils 2.14A GNU Binutils 2.15 GNU Binutils 2.15A GNU Binutils 2.16.1 GNU Binutils 2.16.1A GNU Binutils 2.17 GNU Binutils 2.17A GNU Binutils 2.18 GNU Binutils 2.18A GNU Binutils 2.19 GNU Binutils 2.19.1 GNU Binutils 2.19.1A GNU Binutils 2.20 GNU Binutils 2.20.1 GNU Binutils 2.20.1A GNU Binutils 2.21.1 GNU Binutils 2.21.1A GNU Binutils 2.22 GNU Binutils 2.23 GNU Binutils 2.23.1 GNU Binutils 2.23.2 GNU Binutils 2.24 GNU Binutils 2.25 GNU Binutils 2.25.1 GNU Binutils 2.26 GNU Binutils 2.26.1 GNU Binutils 2.27 GNU Binutils 2.28 GNU Binutils 2.28.1 GNU Binutils 2.29 GNU Binutils 2.29.1 GNU Binutils 2.29.1.1 GNU Binutils 2.30 GNU Binutils 2.31 GNU Binutils 2.31.1 GNU Binutils 2.32 GNU Binutils 2.33 GNU Binutils 2.33.1	61
Application	Netapp Netapp Cloud Backup - Netapp Ontap Select Deploy Administration Utility - Netapp Solidfire & HCI Management Node - Netapp Solidfire, Enterprise SDS & HCI Storage Node -	4
OS	Fedoraproject Fedoraproject Fedora 32	1
OS	Broadcom Broadcom Brocade Fabric Operating System Firmware -	1
OS	Netapp Netapp HCI Compute Node Firmware -	1
Hardware	Netapp Netapp HCI Compute Node -	1

Vulnerabilities > CVE-2020-35493 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2020-35493"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2020-35493