
GNU Binutils vulnerabilities

288 known vulnerabilities affecting gnu/binutils.

Total CVEs: 288
CISA KEV: 0
Public exploits: 12
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 113, MEDIUM 141, LOW 29

Vulnerabilities

Page 3 of 15
CVE-2025-1179 | LOW | CVSS 2.3 | v2.43 | 2025-02-11
CVE-2025-1179 [LOW] CWE-119: A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit
nvd, osv
CVE-2025-1176 | LOW | CVSS 2.3 | v2.43 | 2025-02-11
CVE-2025-1176 [LOW] CWE-119: A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The e
nvd, osv
CVE-2025-1152 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1152 [LOW] CWE-401: A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclos
nvd, osv
CVE-2025-1149 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1149 [LOW] CWE-401: A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The expl
nvd, osv
CVE-2025-1153 | LOW | CVSS 2.3 | v2.43, v2.44 | 2025-02-10
CVE-2025-1153 [LOW] CWE-119: A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45
nvd, osv
CVE-2025-1147 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1147 [LOW] CWE-119: A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The e
nvd, osv
CVE-2025-1151 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1151 [LOW] CWE-401: A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclo
nvd, osv
CVE-2025-1148 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1148 [LOW] CWE-401: A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit h
nvd, osv
CVE-2025-1150 | LOW | CVSS 2.3 | v2.43 | 2025-02-10
CVE-2025-1150 [LOW] CWE-401: A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has
nvd, osv
CVE-2025-0840 | MEDIUM | CVSS 6.3 | fixed in 2.44 | v2.0 +43 more | 2025-01-29
CVE-2025-0840 [MEDIUM] CWE-119: A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability
nvd, osv
CVE-2024-53589 | HIGH | CVSS 8.4 | ≥ 0, < 2.44-1 | 2024-12-05
CVE-2024-53589 [HIGH]: GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.
osv
CVE-2023-25584 | HIGH | CVSS 7.1 | fixed in 2.40 | 2023-09-14
CVE-2023-25584 [HIGH] CWE-125: An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
nvd, osv
CVE-2023-25585 | MEDIUM | CVSS 5.5 | v2.40 | 2023-09-14
CVE-2023-25585 [MEDIUM] CWE-457: A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
nvd, osv
CVE-2023-25588 | MEDIUM | CVSS 5.5 | v2.40 | 2023-09-14
CVE-2023-25588 [MEDIUM] CWE-457: A flaw was found in Binutils. The field `the_bfd` of `asymbol` struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.
nvd, osv
CVE-2023-25586 | MEDIUM | CVSS 5.5 | v2.40 | 2023-09-14
CVE-2023-25586 [MEDIUM] CWE-457: A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.
nvd, osv
CVE-2022-44840 | HIGH | CVSS 7.8 | fixed in 2.40 | 2023-08-22
CVE-2022-44840 [HIGH] CWE-787: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
nvd, osv
CVE-2021-46174 | HIGH | CVSS 7.5 | fixed in 2.38 | 2023-08-22
CVE-2021-46174 [HIGH] CWE-787: Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
nvd, osv
CVE-2022-47695 | HIGH | CVSS 7.8 | fixed in 2.39.3 | 2023-08-22
CVE-2022-47695 [HIGH] CWE-400: An issue was discovered in Binutils objdump before 2.39.3 that allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
nvd, osv
CVE-2022-47673 | HIGH | CVSS 7.8 | fixed in 2.39.3 | 2023-08-22
CVE-2022-47673 [HIGH] CWE-125: An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
nvd, osv
CVE-2022-45703 | HIGH | CVSS 7.8 | fixed in 2.40 | 2023-08-22
CVE-2022-45703 [HIGH] CWE-787: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
nvd, osv