CLSA-2025-1754649018 Fix CVE(s): CVE-2025-1176

SECURITY UPDATE: heap-based Buffer Overflow in ELF ld Component - debian/patches/CVE-2025-1176.patch: prevent illegal memory access when indexing into the symhashes array of the elf bfd cookie structure - CVE-2025-1176...

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-11413)

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...

RLSA-2025:20155 Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: GNU Binutils ld...

GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds

...

CVE-2025-11494

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

PT-2025-41304

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.45 Description An issue exists in GNU Binutils that involves an out-of-bounds read within the bfd x86 elf late size sections function, located in the bfd/elfxx-x86.c file of the Linker component. The vulnerability is...

AZL-68397 CVE-2025-11414 affecting package gdb for versions less than 11.2-10

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function getlinkhashentry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and...

CVE-2025-11412

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and...

CVE-2025-11413

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...

DEBIAN-CVE-2025-11413

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...

CVE-2025-11413

CVE-2025-11413 : In GNU Binutils 2.45, the vulnerability affects the linker component, specifically the function elf_link_add_object_symbols in bfd/elflink.c, which may cause an out-of-bounds read. The issue requires local access to exploit, and an exploit has been made public. A fix is available...

CVE-2025-11413 GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...

PT-2025-41192

Name of the Vulnerable Software and Affected Versions GNU Binutils versions prior to 2.46 Description A flaw exists in the Linker component of GNU Binutils, specifically within the elf link add object symbols function located in the bfd/elflink.c file. This issue leads to an out-of-bounds read...

AZL-62047 CVE-2025-5244 affecting package gdb for versions less than 11.2-10

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elfgcsweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed...

AZL-56664 CVE-2025-1181 affecting package binutils for versions less than 2.37-13

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

UBUNTU-CVE-2025-1181

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

DEBIAN-CVE-2025-1176

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function bfdelfgcmarkrsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather...

SUSE: Security Advisory (SUSE-SU-2022:4277-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:4146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4146-1 Security update for binutils

This update for binutils fixes the following issues: The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcppfile.h bsc1142579. - CVE-2021-3530: Fixed stack-based buffer overflow in demanglepath in rust-demangle.c bsc1185597. - CVE-2021-3648: Fixed...