Vulnerabilities > CVE-2020-35496 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

Vulnerable Configurations

Part Description Count
Application
Gnu
61
Application
Netapp
4
OS
Fedoraproject
1
OS
Broadcom
1
OS
Netapp
1
Hardware
Netapp
1

Common Weakness Enumeration (CWE)