PT-2021-13876 · Gnu+7 · Gnu Binutils+7

Hao Wang

Published

2020-11-22

Updated

2024-06-15

CVE-2021-20284

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.35.1

Description: A flaw was found in GNU Binutils, where there is a heap-based buffer overflow in bfd elf slurp secondary reloc section in elf.c due to the number of symbols not calculated correctly. The highest threat from this issue is to system availability.

Recommendations: For GNU Binutils version 2.35.1, consider updating to a newer version to mitigate the risk, as the current version has a heap-based buffer overflow issue. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2021:4364

ALT-PU-2021-2153

CESA-2021_4364

CVE-2021-20284

OPENSUSE-SU-2021:1475-1

OPENSUSE-SU-2021:3616-1

OPENSUSE-SU-2021_1475-1

OPENSUSE-SU-2021_3616-1

OPENSUSE-SU-2024:10651-1

RHSA-2021:4364

RHSA-2021_4364

RLSA-2021:4364

SUSE-SU-2021:3593-1

SUSE-SU-2021:3616-1

SUSE-SU-2022:0934-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Gnu Binutils

Red Hat

Rocky Linux

Suse

PT-2021-13876 · Gnu+7 · Gnu Binutils+7

CVE-2021-20284

Weakness Enumeration

Related Identifiers

Affected Products

References · 183