CLSA-2025-1754649018 Fix CVE(s): CVE-2025-1176

SECURITY UPDATE: heap-based Buffer Overflow in ELF ld Component - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the symhashes array of the elf bfd cookie structure - CVE-2025-1176...

Astra Linux - уязвимость в binutils

A vulnerability has been discovered in GNU Binutils 2.45. This vulnerability affects the function bfdelfgcrecordvtentry in the file bfd/elflink.c of the Linker component. Manipulation of this function can lead to out-of-bounds reading. Access to local resources is required to carry out this attac...

Astra Linux - уязвимость в binutils

Heap-based Buffer Overflow in the bfdgetl32 function in Binutils objdump 3.37...

Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in the GNU Binutils through version 2.31. There is an integer overflow and an infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

OSV-2026-759 UNKNOWN READ in bfd_getb32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513690224 Crash type: UNKNOWN READ Crash state: bfdgetb32 nds32elflo12reloc bfdperformrelocation...

K000150508: BIG-IP BFD vulnerability CVE-2026-34019

Security Advisory Description When Bidirectional Forwarding Detection BFD is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel TMM to stop processing BFD packets and cause the configured routing protocol to fail over. CVE-2026-340...

Astra Linux - уязвимость в binutils

There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...

Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read that leads to a segmentation fault in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...

Astra Linux - уязвимость в ovn

A flaw was discovered in the Open Virtual Network OVN. In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from within unprivileged workloads, including virtual machines or containers, which can trigger a denial of...

Astra Linux - уязвимость в binutils

A flaw was found in Binutils. The field thebfd of asymbolstruct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...

Astra Linux - уязвимость в binutils

A vulnerability classified as problematic was discovered in GNU Binutils 2.43/2.44. The function bfdsetformat in the file format.c is affected by this vulnerability. Manipulation of this function leads to memory corruption. The attack can be launched remotely. The complexity of executing this...

Astra Linux - уязвимость в binutils

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in readreloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, a...

Astra Linux - уязвимость в binutils

A vulnerability has been discovered in GNU Binutils 2.43. This vulnerability has been identified as problematic. The function bfdputl64 in the file libbfd.c of the component ld is affected by this vulnerability. Manipulation of this function leads to memory corruption. The attack can be launched...

CLSA-2026-1776177493 Fix CVE(s): CVE-2025-11082

SECURITY UPDATE: fix heap-based buffer overflow in bfdelfparseehframe - debian/patches/CVE-2025-11082.patch: add bounds check before reading buf1 in the legacy "eh" CIE path - CVE-2025-11082...

Unity Linux 20.1070e Security Update: binutils (UTSA-2026-007090)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007090 advisory. A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file...

Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library

...

SUSE CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

UBUNTU-CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...