What the vulnerability does

01Description

There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

Key dates

02Disclosure timeline

January 4, 2021 CVE published
August 4, 2024 Record updated