UBUNTU-CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

UBUNTU-CVE-2025-1372

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dumpdatasection/printstringsection of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

AZL-28584 CVE-2022-35205 affecting package binutils for versions less than 2.37-10

An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function displaydebugnames allows attackers to cause a denial of service...

SUSE CVE-2014-3710

The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted ELF file...

SUSE CVE-2017-9042

readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

UBUNTU-CVE-2017-9041

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to MIPS GOT mishandling in the processmipsspecific function in readelf.c...