CVE-2025-69644

CVE-2025-69644 affects Binutils before 2.46, where objdump may loop indefinitely when parsing crafted binaries with malformed DWARF debug information due to a logic flaw in DWARF location list header handling. This can cause unbounded resource consumption and endless output, enabling a local atta...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

CVE-2025-69645

CVE-2025-69645 affects binutils objdump with a flaw in DWARF compilation unit handling that can drive an invalid offset_size into byte_get_little_endian, triggering a SIGABRT on crafted inputs. The issue is documented for binutils 2.44; several connected sources note a patch/release upgrade path ...

CVE-2025-69644

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless...

CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Siemens S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2025-3198)

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function displayinfo of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has...

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-5245)

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debugtypesamep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been...

EulerOS Virtualization 2.10.1 : binutils (EulerOS-SA-2026-1105)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysecti...

MiracleLinux 7 : binutils-2.27-41.base.el7 (AXSA:2019-4165:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4165:01 advisory. binutils: integer overflow leads to heap-based buffer overflow in objdump CVE-2018-1000876 binutils: Stack Exhaustion in the demangling functions...

MiracleLinux 7 : binutils-2.27-44.0.1.base.el7.1.AXS7 (AXSA:2025-9812:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9812:01 advisory. - CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes CVEs: CVE-2025-0840 A vulnerability, which was classified as problematic, was found in...

CLSA-2025-1767028936 Fix CVE(s): CVE-2025-11839

SECURITY UPDATE: crash in objdump when processing malformed debug data - debian/patches/CVE-2025-11839.patch: remove abort call in DGB debug-format printing code to avoid uncontrolled program termination when handling crafted input files - CVE-2025-11839...

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2025-2569)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...

EulerOS Virtualization 2.13.1 : binutils (EulerOS-SA-2025-2534)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the...

TencentOS Server 4: binutils (TSSA-2025:0477)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0477 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: binutils (TSSA-2024:1012)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1012 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ROS-20251105-04

A vulnerability in the debugtypesamep function of the objdump component of the GNU Binutils development tool is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of the elfgcsweep...