What the vulnerability does

01Description

An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Key dates

02Disclosure timeline

May 26, 2021 CVE published
February 28, 2025 Record updated