CVE-2024-53589
published 2024-12-05CVE-2024-53589: GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.
high8.4CVSS 3.1
AVLACLPRNUINSUCHIHAH
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | binutils | < binutils 2.44-1 (forky) | binutils 2.44-1 (forky) |
| gnu | binutils | >= 0 < 2.44-1 | 2.44-1 |
| gnu | binutils | >= 0 < 2.44-1 | 2.44-1 |
| msrc | azl3_binutils_2.41-5_on_azure_linux_3.0 | — | — |
| msrc | azl3_crash_8.0.4-4_on_azure_linux_3.0 | — | — |
| msrc | cbl2_binutils_2.37-14_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_crash_8.0.1-4_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.18.4HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv8.4HIGH