CVE-2020-21490

Published: Aug 22, 2023Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled.

Affected (1)

Products: Gnu: Binutils

Gnu

1 product

Binutils

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnu Binutils	Before 2.34

Related CWEs

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://security.netapp.com/advisory/ntap-20230929-0007/

Source: cve@mitre.org

https://sourceware.org/bugzilla/show_bug.cgi?id=25249

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=378fd436405b3051df34ac995b2e03fe1f3d1907

Source: cve@mitre.org

https://security.netapp.com/advisory/ntap-20230929-0007/

Source: af854a3a-2127-422b-91ae-364da2661108

https://sourceware.org/bugzilla/show_bug.cgi?id=25249

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=378fd436405b3051df34ac995b2e03fe1f3d1907

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.