CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this...

CVE-2026-3442

CVE-2026-3442 is a reported heap-based buffer overflow in the GNU Binutils bfd linker, caused by a missing r_symndx bounds check in xcoff_link_add_symbols. Exploitation would involve processing a crafted XCOFF object file and could lead to information disclosure or an application crash/DoS. Multi...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the xcofflinkaddsymbols function. An attacker can access sensitive information by convincing a user to process a specially crafted XCOFF object file. Remediation There is no fixed version for binutils. References -...