CVE-2021-3549

Name
CVE-2021-3549
Description
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1960717
Third Party Advisory https://security.gentoo.org/glsa/202208-30
af854a3a-2127-422b-91ae-364da2661108 https://security.netapp.com/advisory/ntap-20250228-0005/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:binutils:2.36:*:*:*:*:*:*:* binutils == None == 2.36

Vulnerable and fixed packages

Source package Branch Version Maintainer Status