What is the severity of CVE-2020-16593?

CVE-2020-16593 has been classified with a moderate severity level due to its potential to cause denial of service.

How do I fix CVE-2020-16593?

To fix CVE-2020-16593, it is recommended to upgrade to a patched version of GNU Binutils that addresses the vulnerability.

What does the vulnerability CVE-2020-16593 affect?

CVE-2020-16593 affects the Binary File Descriptor library (libbfd) in GNU Binutils version 2.35.

What could be the consequences of CVE-2020-16593?

Exploitation of CVE-2020-16593 could lead to a denial of service condition when processing a crafted input file.

Which products are impacted by CVE-2020-16593?

Products such as GNU Binutils 2.35 and various NetApp solutions including Cloud Backup and ONTAP Select are impacted by CVE-2020-16593.

Vulnerability/
CVE-2020-16593

medium

5.5

CWE

476

9/12/2020

4/8/2024

CVE-2020-16593: Null Pointer Dereference

First published: Wed Dec 09 2020(Updated: )

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GNU Binutils	=2.35
NetApp Cloud Backup
NetApp ONTAP Select Deploy
NetApp SolidFire & HCI Management Node

Remedy

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-16593?
CVE-2020-16593 has been classified with a moderate severity level due to its potential to cause denial of service.
How do I fix CVE-2020-16593?
To fix CVE-2020-16593, it is recommended to upgrade to a patched version of GNU Binutils that addresses the vulnerability.
What does the vulnerability CVE-2020-16593 affect?
CVE-2020-16593 affects the Binary File Descriptor library (libbfd) in GNU Binutils version 2.35.
What could be the consequences of CVE-2020-16593?
Exploitation of CVE-2020-16593 could lead to a denial of service condition when processing a crafted input file.
Which products are impacted by CVE-2020-16593?
Products such as GNU Binutils 2.35 and various NetApp solutions including Cloud Backup and ONTAP Select are impacted by CVE-2020-16593.

agent/type
agent/severity
agent/author
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/gnu
canonical/gnu binutils
version/gnu binutils/2.35
vendor/netapp
canonical/netapp cloud backup
canonical/netapp ontap select deploy
canonical/netapp solidfire & hci management node

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.