Buffer Overflow Vulnerability in GNU objdump by GNU
CVE-2024-53589
8.4 HIGH
Summary
GNU objdump, particularly version 2.43, is prone to a buffer overflow vulnerability in the BFD library when processing tekhex format files. A malformed input file could trigger the flaw, leading to unexpected behavior or crashes in the application and potentially allowing unauthorized access or further exploitation within the system. Users are advised to update to the latest version and apply relevant security patches to mitigate this risk.
References
CVSS V3.1
Score: 8.4
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved