Candidate: CVE-2020-16591
PublicDate: 2020-12-09 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16591
Description:
 A Denial of Service vulnerability exists in the Binary File Descriptor
 (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table,
 as demonstrated in readeif.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 https://sourceware.org/bugzilla/show_bug.cgi?id=25822
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM]


Patches_binutils:
 upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=001890e1f9269697f7e0212430a51479271bdab2
upstream_binutils: needs-triage
precise/esm_binutils: not-affected (code not present)
trusty_binutils: ignored (out of standard support)
trusty/esm_binutils: not-affected (code not present)
xenial_binutils: not-affected (code not present)
esm-infra/xenial_binutils: not-affected (code not present)
bionic_binutils: not-affected (code not present)
focal_binutils: not-affected (code not present)
groovy_binutils: not-affected (2.35.1-1ubuntu1)
devel_binutils: not-affected (2.35.50.20201210-0ubuntu2)