A flaw was discovered in objdump as distributed in GNU Binutils version 2.36. A large section parameter can be passed to avr_elf32_load_records_from_section() leading to DoS and memory corruption.
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1960718]
Created mingw-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1960719]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):