CVE-2020-35507

There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1911691 Exploit Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/202107-24 Third Party Advisory
https://security.netapp.com/advisory/ntap-20210212-0007/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-01-04 15:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-35507

Mitre link : CVE-2020-35507

CVE.ORG link : CVE-2020-35507


JSON object : View

Products Affected

broadcom

  • brocade_fabric_operating_system

netapp

  • hci_compute_node_firmware
  • cloud_backup
  • hci_compute_node
  • ontap_select_deploy_administration_utility
  • solidfire_\&_hci_management_node
  • solidfire\,_enterprise_sds_\&_hci_storage_node

gnu

  • binutils

redhat

  • enterprise_linux
CWE
CWE-476

NULL Pointer Dereference