CVE-2025-69645 — Uncontrolled Resource Consumption in Binutils
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 99.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 6
Latest updateMar 10
Description
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages1 packages
🔴Vulnerability Details
3GHSA▶
GHSA-r62f-9x32-57f4: Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information↗2026-03-06
CVEList▶
CVE-2025-69645: Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information↗2026-03-06
OSV▶
CVE-2025-69645: Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information↗2026-03-06
📋Vendor Advisories
3Microsoft▶
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result↗2026-03-10
Red Hat
▶
Debian▶
CVE-2025-69645: binutils - Binutils objdump contains a denial-of-service vulnerability when processing a cr...↗2025
🕵️Threat Intelligence
1💬Community
1Bugzilla▶
CVE-2025-69645 mingw-binutils: Binutils objdump: Denial of Service via crafted DWARF debug information [fedora-all]↗2026-03-06