CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

CVE-2025-69646

Binutils objdump is affected by a denial-of-service due to a logic error in handling the DWARF debug_rnglists header. A crafted input file can trigger repeated warning messages and an unbounded logging loop, causing excessive CPU and I/O usage and preventing completion of the objdump analysis. Th...

CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-69645

The CVE details a denial-of-service in binutils objdump when parsing crafted binaries with malformed DWARF debug info. A logic error in DWARF compilation unit handling can cause an invalid offset_size to be used inside byte_get_little_endian, triggering a crash (SIGABRT). Affects binutils 2.44; i...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Siemens S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2025-3198)

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function displayinfo of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has...

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-5245)

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...

EulerOS Virtualization 2.10.1 : binutils (EulerOS-SA-2026-1105)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysecti...

MiracleLinux 7 : binutils-2.27-41.base.el7 (AXSA:2019-4165:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4165:01 advisory. binutils: integer overflow leads to heap-based buffer overflow in objdump CVE-2018-1000876 binutils: Stack Exhaustion in the demangling functions...

MiracleLinux 7 : binutils-2.27-44.0.1.base.el7.1.AXS7 (AXSA:2025-9812:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9812:01 advisory. - CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes CVEs: CVE-2025-0840 A vulnerability, which was classified as problematic, was found in...

CLSA-2025-1767028936 Fix CVE(s): CVE-2025-11839

SECURITY UPDATE: crash in objdump when processing malformed debug data - debian/patches/CVE-2025-11839.patch: remove abort call in DGB debug-format printing code to avoid uncontrolled program termination when handling crafted input files - CVE-2025-11839...

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2025-2569)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...

EulerOS Virtualization 2.13.1 : binutils (EulerOS-SA-2025-2534)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...

TencentOS Server 4: binutils (TSSA-2025:0477)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0477 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: binutils (TSSA-2024:1012)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1012 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ROS-20251105-04

A vulnerability in the debugtypesamep function of the objdump component of the GNU Binutils development tool is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the elfgcsweep...

CLSA-2025-1761141568 Fix CVE(s): CVE-2021-46174, CVE-2022-44840

SECURITY UPDATE: heap-based buffer overflow in function bfdgetl32 in objdump - debian/patches/CVE-2021-46174.patch: Don't read past end of section when concatentating stab strings in readsectionstabsdebugginginfo in rddbg.c - CVE-2021-46174 SECURITY UPDATE: heap buffer overflow in findsectioninse...