Vulnerabilities > CVE-2020-35494 - Use of Uninitialized Resource vulnerability in multiple products

047910
CVSS 6.1 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
HIGH

Summary

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.

Vulnerable Configurations

Part Description Count
Application
Gnu
61
Application
Netapp
4
OS
Fedoraproject
1
OS
Broadcom
1
OS
Netapp
1
Hardware
Netapp
1

Common Weakness Enumeration (CWE)