Vulnerability Details CVE-2021-20284
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1937784
- https://security.gentoo.org/glsa/202208-30
- https://security.netapp.com/advisory/ntap-20210521-0010/
- https://sourceware.org/bugzilla/show_bug.cgi?id=26931
- https://bugzilla.redhat.com/show_bug.cgi?id=1937784
- https://security.gentoo.org/glsa/202208-30
- https://security.netapp.com/advisory/ntap-20210521-0010/
- https://sourceware.org/bugzilla/show_bug.cgi?id=26931
Products affected by CVE-2021-20284
-
cpe:2.3:a:gnu:binutils:2.35.1
-
cpe:2.3:a:netapp:cloud_backup:-
-
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-