Memory Manipulation Vulnerability in Binutils from Sourceware
CVE-2020-19726

8.8HIGH

Key Information:

Vendor: Gnu
Status: Binutils
Vendor: CVE Published:; 22 August 2023

What is CVE-2020-19726?

A significant vulnerability has been identified in the Binutils software, specifically within libbfd.c version 2.36. This issue can allow attackers to exploit auxiliary symbol data, potentially enabling them to read from or write to system memory. This could lead to unauthorized access or manipulation of sensitive data and may result in denial of service, impacting system stability and availability.

References

https://sourceware.org/bugzilla/show_bug.cgi?id=26240

https://sourceware.org/bugzilla/show_bug.cgi?id=26241

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Aug 13, 2020

Gnu

What is CVE-2020-19726?

References

CVSS V3.1

Timeline