GNU binutils objdump Utility 2.36 Out-of-Bounds Flaw: Integrity and System Availability Vulnerability

GNU binutils objdump Utility 2.36 Out-of-Bounds Flaw: Integrity and System Availability Vulnerability

CVE-2021-3549 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Learn more about our Web Application Penetration Testing UK.