Advisory ROSA-SA-2026-3277

software: binutils 2.38 WASP: ROSA-CHROME unaffected versions = binutils-2.38-8 affected versions binutils-2.38-8 CVE-ID: CVE-2025-69652 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the readelf utility of the GNU Binutils package is related to incorrect processing of specially...

GNU Binutils objdump bucomm.c display_info memory leak

...

CVE-2026-6846 affecting package binutils for versions less than 2.41-12

CVE-2026-6846 affecting package binutils for versions less than 2.41-12. A patched version of the package is available...

OPENSUSE-SU-2026:20763-1 Security update for go1.25

This update for go1.25 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: "go tool pack" does...

SUSE-SU-2026:21804-1 Security update for go1.26

This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: "go tool pack" does...

CLSA-2026-1778798046 binutils: Fix of CVE-2022-48065

CVE-2022-48065: Fix memory leak in function findabstractinstance in dwarf2.c and free allocated memory...

SUSE-SU-2026:1862-1 Security update for go1.25

This update for go1.25 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool pack' does...

Security update for go1.26

This update for go1.26 fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" does not...

CLSA-2026-1778660100 binutils: Fix of CVE-2022-48063

CVE-2022-48063: fix excessive memory allocation in loadspecificdebugsection for corrupt ELF...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017409 advisory. An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017633 advisory. Load value injection in some IntelR Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a sid...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017565)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017565 advisory. There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017420 advisory. An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequence...

ROS-20260506-73-0008

Vulnerability in binutils related to execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260506-73-0009

Vulnerability in binutils related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260506-73-0005

A vulnerability in the processdebuginfo function of the GNU Binutils development tool is related to improper cleanup during exception handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260506-73-0006

A vulnerability in the displayrelocations function of the GNU Binutils development tool is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260506-73-0007

Vulnerability in binutils related to execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CLSA-2026-1778020045 binutils: Fix of CVE-2021-3826

CVE-2021-3826: fix heap/stack buffer overflow in dlanglname libiberty d-demangle.c via missing length check in dlangsymbolbackref...

CLSA-2026-1777995474 binutils: Fix of CVE-2025-7545

CVE-2025-7545: fix heap buffer overflow in objcopy copysection...