CLSA-2026-1777949670 binutils: Fix of 8 CVEs

CVE-2025-11412: fix out-of-bounds read in bfdelfgcrecordvtentry - CVE-2025-11413: fix out-of-bounds read in elflinkaddobjectsymbols - CVE-2025-11839: fix abort in tgtagtype with fuzzed input - CVE-2025-11840: fix SEGV from NULL howto name in coff reloc processing - CVE-2025-3198: fix memory leak...

CVE-2026-31521

A flaw was found in the Linux kernel. The module loader, specifically in the simplifysymbols function, does not properly validate the bounds of the ELF Executable and Linkable Format section index. An attacker could craft a malicious module with an out-of-bounds stshndx value, leading to a kernel...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the parsing process of specially crafted ELF files with the readelf program. An attacker can cause the application to crash by convincing a user to open a malicious file. This is only exploitable if a user processes an...

CLSA-2026-1767617469 binutils: Fix of CVE-2025-11083

CVE-2025-11083: fix corrupt ELF section header handling...

DEBIAN-CVE-2025-11494

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

EUVD-2017-7553

Malware in sbrugna...

PT-2025-40135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The libbpf component in the Linux kernel contains an issue where it directly uses the e shnum field in the ELF header as the section header count. This can lead to a heap-buffer overflow...

UBUNTU-CVE-2025-23338

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service...

GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write

...

Astra Linux - уязвимость в binutils

A potential heap based buffer overflow was found in bfdelfslurpversiontables in bfd/elf.c. This may lead to loss of availability...

Medium: cuda-opencl-12-9

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...

CVE-2017-16359

In radare 2.0.1, a pointer wraparound vulnerability exists in storeversioninfognuverdef in libr/bin/format/elf/elf.c...

CVE-2024-53873

NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service...

Linux Variant of Cl0p Ransomware Discovered with Flawed Encryption Algorithm

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Cl0p ransomware for Linux has been discovered. The executable file in ELF format has a flawed encryption algorithm, which allows for the decryption of the locked files without...

LIEF 安全漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A security vulnerability exists in LIEF version v0.12.1. An attacker has exploited this vulnerability to cause a denial of service DOS via a segmentati...

LIEF 代码问题漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A code issue vulnerability exists in LIEF that stems from the inclusion of a segmentation conflict in the component CoreFile.tcc:69...

LIEF 安全漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF suffers from a security vulnerability that stems from an assertion abort reachable in the component BinaryStream.hpp...

LIEF 缓冲区错误漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A security vulnerability exists in LIEF that stems from the inclusion of a heap buffer overflow in component/core/coreprpinfo.tcc...

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

Fedora 缓冲区错误漏洞

UPX is an open source executable file packaging program that supports a variety of file formats from different operating systems. A denial of service vulnerability exists in canPack in plxelf.cpp in UPX version 3.96. An attacker can exploit this vulnerability to cause the application to crash via...