Gnu Binutils vulnerabilities

CVE-2025-11495 [LOW] CWE-119 CVE-2025-11495: A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64 A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95

CVE-2025-11494 [LOW] CWE-119 CVE-2025-11494: A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sect A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7

CVE-2025-11413 [LOW] CWE-119 CVE-2025-11413: A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. Th

CVE-2025-11412 [LOW] CWE-119 CVE-2025-11412: A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vte A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd9

CVE-2025-11414 [LOW] CWE-119 CVE-2025-11414: A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses t

CVE-2025-11082 [LOW] CWE-119 CVE-2025-11082: A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71

CVE-2025-11081 [LOW] CWE-119 CVE-2025-11081: A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_sectio A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggeste

CVE-2025-11083 [LOW] CWE-119 CVE-2025-11083: A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_s A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644

CVE-2025-8224 [LOW] CWE-404 CVE-2025-8224: A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerabilit A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be

CVE-2025-8225 [LOW] CWE-401 CVE-2025-8225: A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is reco

CVE-2025-7546 [LOW] CWE-119 CVE-2025-7546: A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of t

CVE-2025-7545 [LOW] CWE-119 CVE-2025-7545: A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerabi A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5

CVE-2025-5244 [MEDIUM] CWE-119 CVE-2025-5244: A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by thi A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2

CVE-2025-5245 [MEDIUM] CWE-119 CVE-2025-5245: A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the f A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommend

CVE-2025-3198 [MEDIUM] CWE-401 CVE-2025-3198: A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch

CVE-2024-57360 [MEDIUM] binutils vulnerabilities binutils vulnerabilities It was discovered that GNU binutils in nm tool is affected by an incorrect access control. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2024-57360) It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2025-0840)

CVE-2025-1178 [MEDIUM] CWE-119 CVE-2025-1178: A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by thi A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

CVE-2025-1180 [LOW] CWE-119 CVE-2025-1180: A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the func A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to

CVE-2025-1182 [LOW] CWE-119 CVE-2025-1182: A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the f A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be di

CVE-2025-1181 [LOW] CWE-119 CVE-2025-1181: A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects th A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exp