CVE-2021-46174: Out-of-bounds Write in Binutils

CWE-787: Out-of-bounds Write
10 documents, 7 sources

Severity: 7.5 HIGH (NVD)
EPSS: 0.0% (top 89.13%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Aug 22
Latest update: Dec 11

Description

Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

NVD: gnu/binutils < 2.38
Debian: gnu/binutils < 2.37.90.20220207-1+2

🔴 Vulnerability Details (5)

OSV: binutils vulnerabilities (2023-12-11)
OSV: binutils vulnerabilities (2023-09-18)
CVEList: CVE-2021-46174: Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3 (2023-08-22)
GHSA: GHSA-cv46-gf8j-q5p9: Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3 (2023-08-22)
OSV: CVE-2021-46174: Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3 (2023-08-22)

📋 Vendor Advisories (4)

Ubuntu: GNU binutils vulnerabilities (2023-12-11)
Ubuntu: GNU binutils vulnerabilities (2023-09-18)
Red Hat: binutils: heap-based buffer overflow in bfd_getl32() in libbfd.c via objdump (2022-01-08)
Debian: CVE-2021-46174: binutils - Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. (2021)