There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00323}

epss

{'score': 0.00085}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-04T17:02:08.151Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2020-35496

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-04T15:15:14.323

Modified: 2024-11-21T05:27:25.543

Link: CVE-2020-35496

cve-icon Redhat

Severity : Low

Publid Date: 2019-12-22T00:00:00Z

Links: CVE-2020-35496 - Bugzilla

cve-icon OpenCVE Enrichment

No data.