Vulnerability Details CVE-2020-16590
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.5%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://security.netapp.com/advisory/ntap-20210115-0003/
- https://sourceware.org/bugzilla/show_bug.cgi?id=25821
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4
- https://security.netapp.com/advisory/ntap-20210115-0003/
- https://sourceware.org/bugzilla/show_bug.cgi?id=25821
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4
Products affected by CVE-2020-16590
-
cpe:2.3:a:gnu:binutils:2.35
-
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-