Gnu Binutils vulnerabilities

CVE-2025-11413 [MEDIUM] CWE-119 CVE-2025-11413: A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue.

CVE-2025-11414 [MEDIUM] CWE-119 CVE-2025-11414: A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresse

CVE-2025-11081 [MEDIUM] CWE-119 CVE-2025-11081: A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_sectio A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is sugge

CVE-2025-11082 [MEDIUM] CWE-119 CVE-2025-11082: A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486

CVE-2025-11083 [MEDIUM] CWE-119 CVE-2025-11083: A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_s A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499

CVE-2025-8224 [MEDIUM] CWE-404 CVE-2025-8224: A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerabilit A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may

CVE-2025-8225 [MEDIUM] CWE-401 CVE-2025-8225: A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is r

CVE-2025-7546 [MEDIUM] CWE-119 CVE-2025-7546: A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name o

CVE-2025-7545 [MEDIUM] CWE-119 CVE-2025-7545: A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerabi A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d35

CVE-2025-5245 [MEDIUM] CWE-119 CVE-2025-5245: A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the f A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommend

CVE-2025-5244 [MEDIUM] CWE-119 CVE-2025-5244: A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by thi A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2

CVE-2025-3198 [MEDIUM] CWE-401 CVE-2025-3198: A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch

CVE-2025-1178 [MEDIUM] CWE-119 CVE-2025-1178: A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by thi A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

CVE-2025-1181 [LOW] CWE-119 CVE-2025-1181: A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects th A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exp

CVE-2025-1180 [LOW] CWE-119 CVE-2025-1180: A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the func A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to

CVE-2025-1182 [LOW] CWE-119 CVE-2025-1182: A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the f A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be di

CVE-2025-1176 [LOW] CWE-119 CVE-2025-1176: A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the fu A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The e

CVE-2025-1179 [LOW] CWE-119 CVE-2025-1179: A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issu A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit

CVE-2025-1152 [LOW] CWE-401 CVE-2025-1152: A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the funct A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclos

CVE-2025-1147 [LOW] CWE-119 CVE-2025-1147: A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The e