CVE-2020-35507

2021-01-0415:15:15

Google

osv.dev

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.7%

JSON

There’s a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.

CPENameOperatorVersion
binutils-gdb.giteqgdb_6_5-branchpoint
binutils-gdb.giteqgdb_7_6-branchpoint
binutils-gdb.giteqgdb-8.0-branchpoint
binutils-gdb.giteqgdb_7_4-branchpoint
binutils-gdb.giteqgdb-7.10-branchpoint
binutils-gdb.giteqgdb-7.9-branchpoint
binutils-gdb.giteqgdb_7_2-branchpoint
binutils-gdb.gitequsers/ARM/embedded-binutils-master-2018q4
binutils-gdb.giteqgdb_6_4-branchpoint
binutils-gdb.giteqgdb-7.12-branchpoint

Name	Operator	Version
binutils-gdb.git	eq	gdb_6_5-branchpoint
binutils-gdb.git	eq	gdb_7_6-branchpoint
binutils-gdb.git	eq	gdb-8.0-branchpoint
binutils-gdb.git	eq	gdb_7_4-branchpoint
binutils-gdb.git	eq	gdb-7.10-branchpoint
binutils-gdb.git	eq	gdb-7.9-branchpoint
binutils-gdb.git	eq	gdb_7_2-branchpoint
binutils-gdb.git	eq	users/ARM/embedded-binutils-master-2018q4
binutils-gdb.git	eq	gdb_6_4-branchpoint
binutils-gdb.git	eq	gdb-7.12-branchpoint