CVE-2020-35448

Updated: 2024-11-23 01:53:27.221097

Description:

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.3
CVSS Version 3.x LOW 3.3

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 8.4 ELS binutils 2.30-93 3.3 LOW Released CLSA-2022:1645466518 2022-04-26 15:46:41
CentOS 8.5 ELS binutils 2.30-108 3.3 LOW Not Vulnerable 2022-04-26 15:46:41