NULL Pointer Dereference in binutils

Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to NULL Pointer Dereference. A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

Remediation

There is no fixed version for binutils.

References

ADVISORY
CONFIRM
MISC
MISC

Attack Vector

Local
Attack Complexity

Low
Privileges Required

None
User Interaction

Required
Scope

Unchanged
Confidentiality

None
Integrity

None
Availability

High

CVE: CVE-2020-16593
CWE: CWE-476
Snyk ID: SNYK-DEBIAN9-BINUTILS-1050296
Disclosed: 09 Dec, 2020
Published: 11 Dec, 2020

NULL Pointer Dereference
Affecting binutils package, versions *

Overview

Remediation

References

CVSS Score

NULL Pointer Dereference Affecting binutils package, versions *

Overview

Remediation

References

NULL Pointer Dereference
Affecting binutils package, versions *