Severity: 4.8 MEDIUM
EPSS: 0.0% (top 93.63%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jul 13
Latest update: Oct 29

Description

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to an out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages (3 packages)

Debian: binutils < 2.45-3
CVEListV5: gnu/binutils 2.45
NVD: gnu/binutils 2.45

🔴 Vulnerability Details (3)

GHSA
GHSA-v8v5-48x9-6r8p: A vulnerability, which was classified as problematic, has been found in GNU Binutils 2 (2025-07-14)
OSV
CVE-2025-7546: A vulnerability, which was classified as problematic, has been found in GNU Binutils 2 (2025-07-13)
CVEList
GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write (2025-07-13)

📋 Vendor Advisories (4)

Ubuntu
GNU binutils vulnerabilities (2025-10-29)
Red Hat
binutils: Binutils: Out-of-bounds Write Vulnerability (2025-07-13)
Microsoft
GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write (2025-07-08)
Debian
CVE-2025-7546: binutils - A vulnerability, which was classified as problematic, has been found in GNU Binu... (2025)
CVE-2025-7546 (MEDIUM CVSS 4.8) | A vulnerability | cvebase.io