CVE-2021-20284
MEDIUMGNU Binutils 2.35.1 - Heap-Based Buffer Overflow in _bfd_elf_slurp_secondary_reloc_section
Title source: llmDescription
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
References (4)
Core 4
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://sourceware.org/bugzilla/show_bug.cgi?id=26931
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1937784
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210521-0010/
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/202208-30
Scores
CVSS v3
5.5
EPSS
0.0009
EPSS Percentile
25.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
CWE-787
Status
published
Products (3)
gnu/binutils
2.35.1
netapp/cloud_backup
netapp/ontap_select_deploy_administration_utility
Published
Mar 26, 2021
Tracked Since
Feb 18, 2026