CVE-2026-3441

CWE-125 โ€” Out-of-bounds Read7 documents7 sources
Severity
7.1HIGH
EPSS
0.0%
top 99.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redhat Enterprise LinuxRedhat Openshift Container Platform
Timeline
PublishedMar 16

Description

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:LExploitability: 1.8 | Impact: 4.2

Affected Packages0 packages

Also affects: Enterprise Linux 10.0, 6.0, 7.0, 8.0, 9.0, Openshift Container Platform 4.0

๐Ÿ”ดVulnerability Details

3
GHSA
GHSA-8444-p2rx-h3vp: A flaw was found in GNU Binutilsโ†—2026-03-16
โ–ถ
OSV
CVE-2026-3441: A flaw was found in GNU Binutilsโ†—2026-03-16
โ–ถ
CVEList
Binutils: gnu binutils: information disclosure via specially crafted xcoff object fileโ†—2026-03-15
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Red Hat
binutils: GNU Binutils: Information disclosure via specially crafted XCOFF object fileโ†—2026-03-02
โ–ถ
Debian
CVE-2026-3441: binutils - A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability,...โ†—2026
โ–ถ

๐Ÿ•ต๏ธThreat Intelligence

1
Wiz
CVE-2026-3441 Impact, Exploitability, and Mitigation Steps | Wizโ†—
โ–ถ