Advisory ROSA-SA-2026-3277

software: binutils 2.38 WASP: ROSA-CHROME unaffected versions = binutils-2.38-8 affected versions binutils-2.38-8 CVE-ID: CVE-2025-69652 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the readelf utility of the GNU Binutils package is related to incorrect processing of specially...

CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

UBUNTU-CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

CVE-2026-6844

CVE-2026-6844 affects the readelf utility in the binutils package. A crafted ELF file can trigger two DoS conditions: (1) resource exhaustion leading to out-of-memory and (2) a null pointer dereference causing a segmentation fault. Both can render readelf unresponsive or crash, resulting in denia...

Linux Distros Unpatched Vulnerability : CVE-2026-6844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a special...

DEBIAN-CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...

EUVD-2025-208345

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

AZL-79595 CVE-2025-69649 affecting package binutils 2.37-20

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

CVE-2025-69650

GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dumprelocations may return early without initializing the allrelocations array. As a result, processgotsectioncontents may pass ...

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...

EUVD-2022-38098

Malicious code in bioql PyPI...

EUVD-2022-38097

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-45703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow vulnerability in binutils readelf before 2.40 via function displaydebugsection in file readelf.c. CVE-2022-45703 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2022-35205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function displaydebugnames allows attackers to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2022-35206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function readanddisplayattrvalue in file dwarf.c. CVE-2022-35206 Note that Nessus relies ...

The vulnerability of the `apply_relocations` function in the `binutils/readelf.c` component of the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the applyrelocations function in the binutils/readelf.c component of the GNU Binutils development environment is related to integer overflow. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure through the use of a specially create...