CVE-2021-3487
Summary
| CVE | CVE-2021-3487 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-04-15 14:15:00 UTC |
|---|
| Updated | 2023-11-20 05:15:00 UTC |
|---|
| Description | There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| GNU Binutils: Multiple Vulnerabilities (GLSA 202208-30) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| [SECURITY] Fedora 33 Update: mingw-binutils-2.34-8.fc33 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 32 Update: mingw-binutils-2.32-10.fc32 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 33 Update: mingw-binutils-2.34-8.fc33 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| 1947111 – (CVE-2021-3487) CVE-2021-3487 binutils: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() |
MISC |
bugzilla.redhat.com |
|
| [SECURITY] Fedora 34 Update: mingw-binutils-2.34-8.fc34 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 34 Update: mingw-binutils-2.34-8.fc34 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 32 Update: mingw-binutils-2.32-10.fc32 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159495 Oracle Enterprise Linux Security Update for binutils (ELSA-2021-4364)
- 183095 Debian Security Update for binutils (CVE-2021-3487)
- 198551 Ubuntu Security Notification for GNU binutils Vulnerabilities (USN-5124-1)
- 239817 Red Hat Update for binutils (RHSA-2021:4364)
- 281320 Fedora Security Update for mingw (FEDORA-2021-d23d016509)
- 281321 Fedora Security Update for mingw (FEDORA-2021-9bd201dd4d)
- 281322 Fedora Security Update for mingw (FEDORA-2021-7ca24ddc86)
- 296059 Oracle Solaris 11.4 Support Repository Update (SRU) 36.0.1.101.2 Missing (CPUJUL2021)
- 352841 Amazon Linux Security Advisory for gcc10-binutils: ALAS2-2021-1702
- 500067 Alpine Linux Security Update for binutils
- 501384 Alpine Linux Security Update for binutils
- 670423 EulerOS Security Update for binutils (EulerOS-SA-2021-1976)
- 670442 EulerOS Security Update for binutils (EulerOS-SA-2021-2058)
- 670453 EulerOS Security Update for binutils (EulerOS-SA-2021-2047)
- 670454 EulerOS Security Update for binutils (EulerOS-SA-2021-2212)
- 671710 EulerOS Security Update for binutils (EulerOS-SA-2022-1706)
- 690062 Free Berkeley Software Distribution (FreeBSD) Security Update for binutils (f4c54b81-bcc8-11eb-a7a6-080027f515ea)
- 710599 Gentoo Linux GNU Binutils Multiple Vulnerabilities (GLSA 202208-30)
- 751313 SUSE Enterprise Linux Security Update for binutils (SUSE-SU-2021:3593-1)
- 751321 SUSE Enterprise Linux Security Update for binutils (SUSE-SU-2021:3616-1)
- 751331 OpenSUSE Security Update for binutils (openSUSE-SU-2021:3616-1)
- 751350 OpenSUSE Security Update for binutils (openSUSE-SU-2021:1475-1)
- 751916 SUSE Enterprise Linux Security Update for binutils (SUSE-SU-2022:0934-1)
- 900099 CBL-Mariner Linux Security Update for binutils 2.32
- 903236 Common Base Linux Mariner (CBL-Mariner) Security Update for binutils (4076)
- 940080 AlmaLinux Security Update for binutils (ALSA-2021:4364)
- 960767 Rocky Linux Security Update for binutils (RLSA-2021:4364)
