Gnu · Gnu Binutils · CVE-2020-35342
**Name of the Vulnerable Software and Affected Versions**
GNU Binutils versions prior to 2.34
**Description**
The issue is related to an uninitialized-heap vulnerability in the `tic4x print cond` function, located in the `opcodes/tic4x-dis.c` component of the GNU Binutils software development tool. This vulnerability could allow a remote attacker to exploit the error and gain access to confidential data, potentially leading to an information leak.
**Recommendations**
For GNU Binutils versions prior to 2.34, update to version 2.34 or later to resolve the issue. As a temporary workaround, consider restricting access to the `tic4x print cond` function in the `opcodes/tic4x-dis.c` component until a patch is applied.