CVE-2026-3442

Severity: 7.1 HIGH
EPSS: 0.0% (top 99.74%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 16

Description

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Exploitability: 1.8 | Impact: 4.2

Affected Packages: 0 packages

Also affects: Enterprise Linux 10.0, 6.0, 7.0, 8.0, 9.0, Openshift Container Platform 4.0

🔴 Vulnerability Details (3)

GHSA: GHSA-j3rv-75wm-77rm: A flaw was found in GNU Binutils (2026-03-16)
OSV: CVE-2026-3442: A flaw was found in GNU Binutils (2026-03-16)
CVEList: Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker (2026-03-15)

📋 Vendor Advisories (2)

Red Hat: binutils: GNU Binutils: Information disclosure or denial of service via out-of-bounds read in bfd linker (2026-03-02)
Debian: CVE-2026-3442: binutils - A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overfl... (2026)

๐Ÿ•ต๏ธThreat Intelligence

1
Wiz
CVE-2026-3442 Impact, Exploitability, and Mitigation Steps | Wizโ†—
โ–ถ