CVE-2025-11494

The CVE-2025-11494 entry corresponds to GNU Binutils 2.45. The vulnerability affects the linker component, specifically the function _bfd_x86_elf_late_size_sections in bfd/elfxx-x86.c, causing an out-of-bounds read. Exploitation requires local access, and public exploitation details exist. A patc...

CVE-2025-11081

CVE-2025-11081 pertains to GNU Binutils 2.45, specifically the dump_dwarf_section function in binutils/objdump.c. The issue allows a local attacker to trigger an out-of-bounds read, with exploit details publicly available. A patch is available (hash f87a66db645caf8cc0e6fc87b0c28c78a38af59b) and u...

CVE-2025-69650

CVE-2025-69650 affects GNU Binutils up to version 2.46, specifically the readelf tool. The vulnerability arises during GOT relocation handling: dump_relocations may return early and fail to initialize the all_relocations array, causing process_got_section_contents() to pass an uninitialized r_sym...

CVE-2025-11083

CVE-2025-11083 affects GNU Binutils 2.45, specifically the linker component. The vulnerability is a heap-based overflow in the elf_swap_shdr function (bfd/elfcode.h) that requires local access to exploit. The advisory notes a patch was prepared and indicates fixes were made in version 2.46. Publi...

CVE-2025-66862

CVE-2025-66862 affects GNU Binutils 2.26, with a buffer overflow in gnu_special (cplus-dem.c) that can cause a denial-of-service via a crafted PE file. The issue can trigger a heap-based buffer over-read and terminate affected processes. CVSS v3.1 base score 7.5 (HIGH). Connected advisories ident...

CVE-2025-66863

CVE-2025-66863 describes a denial-of-service vulnerability in GNU BinUtils 2.26 caused by the d_discriminator function in cp-demangle.c when processing specially crafted Portable Executable (PE) files. The issue is triggered by crafted inputs and could render the affected application unavailable....

CVE-2026-3441

CVE-2026-3441 affects GNU Binutils, specifically an out-of-bounds read in the xcoff linker (bfd) triggered by processing a crafted XCOFF object file. The root cause is an out-of-bounds read in xcoff_link_add_symbols due to a bounds check issue on x_scnlen, leading to potential information disclos...

CVE-2026-6846

CVE-2026-6846 describes a heap-buffer-overflow in GNU binutils during linking when processing a specially crafted XCOFF object file. The vulnerability affects the XCOFF handling code, where a crafted file can trigger arbitrary code execution or a denial of service. The advisory notes local exploi...

CVE-2025-11839

CVE-2025-11839 affects GNU Binutils 2.45, with the vulnerable code path in tg_tag_type inside prdbg.c. The issue results from an unchecked return value, enabling a local attacker to exploit it. Multiple connected sources corroborate a locally exploitable flaw and indicate that an exploit has been...

CVE-2025-69652

GNU Binutils readelf (up to version 2.46) contains a vulnerability when processing crafted ELF binaries with malformed DWARF/debug info. Root cause: incomplete cleanup in process_debug_info can leave invalid debug_info_p state, causing a fatal abort in byte_get_little_endian() for certain zero-le...

CVE-2025-66866

CVE-2025-66866 affects BinUtils 2.26. The issue is in the function d_abi_tags in cp-demangle.c and could allow a denial of service via a crafted PE file. NVD lists CVSSv3.1 scores (base 7.5 HIGH; AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Remediation guidance appears in Red Hat Advisory: avoid process...

CVE-2025-11412

CVE-2025-11412 affects GNU Binutils 2.45, specifically the function bfd_elf_gc_record_vtentry in bfd/elflink.c of the linker. The issue enables an out-of-bounds read and requires local access. The exploit has been disclosed publicly. A patch identifier is listed: 047435dd988a3975d40c6626a8f739a0b...

CVE-2026-4647

The CVE-2026-4647 issue affects the GNU Binutils BFD library when handling XCOFF object files. A relocation type value is not properly validated before use, allowing an out-of-bounds read. This can cause tools that process XCOFF binaries to crash or expose unintended memory contents, leading to d...

CVE-2025-11413

CVE-2025-11413 : In GNU Binutils 2.45, the vulnerability affects the linker component, specifically the function elf_link_add_object_symbols in bfd/elflink.c, which may cause an out-of-bounds read. The issue requires local access to exploit, and an exploit has been made public. A fix is available...

CVE-2025-11495

CVE-2025-11495 affects GNU Binutils 2.45. The vulnerable element is the linker’s elf_x86_64_relocate_section function in elf64-x86-64.c, where manipulation can cause a heap-based buffer overflow. Impact is local, with publicly disclosed exploit. A patch is available (patch name: 6b21c8b2ecfef5c95...

CVE-2025-11414

GNU Binutils 2.45 contains a local vulnerability in the linker’s bfd/elflink.c get_link_hash_entry function that allows an out-of-bounds read. The issue, disclosed publicly, is mitigated by upgrading to Binutils 2.46. A patch was identified (aeaaa9af6359c8e394ce9cf24911fec4f4d23703). Affected pro...

CVE-2025-66865

CVE-2025-66865 affects GNU Binutils 2.26. A flaw in function d_print_comp_inner in cp-demangle.c can be triggered by processing specially crafted PE files, causing a crash and denial of service. Red Hat’s advisory notes mitigation as not available or not meeting criteria for their base products; ...

CVE-2026-6844

CVE-2026-6844 affects the readelf utility in the binutils package. A crafted ELF file can trigger two DoS conditions: (1) resource exhaustion leading to out-of-memory and (2) a null pointer dereference causing a segmentation fault. Both can render readelf unresponsive or crash, resulting in denia...

CVE-2025-66864

CVE-2025-66864 affects Binutils 2.26, where the d_print_comp_inner function in cp-demangle.c misbehaves when processing crafted PE files, causing denial of service through a crash. The connected sources confirm the vulnerable component and the crash impact but do not provide concrete exploit deta...

CVE-2025-69645

CVE-2025-69645 affects binutils objdump with a flaw in DWARF compilation unit handling that can drive an invalid offset_size into byte_get_little_endian, triggering a SIGABRT on crafted inputs. The issue is documented for binutils 2.44; several connected sources note a patch/release upgrade path ...

CVE-2025-66861

CVE-2025-66861 affects GNU BinUtils 2.26. The issue is in the function d_unqualified_name in cp-demangle.c; processing a specially crafted PE file can cause a crash leading to a denial of service . Red Hat notes that mitigation is not available or does not meet criteria. Other sources corroborate...

CVE-2025-69648

CVE-2025-69648 affects GNU Binutils readelf (up to 2.45.1) and related mingw-binutils packages. The issue is a logic flaw in the DWARF parser when handling crafted binaries with malformed .debug_rnglists data, causing readelf to print the same warning in a loop and not make forward progress, resu...

CVE-2026-6845

CVE-2026-6845 : A flaw in binutils/readelf allows a local attacker to trigger a Denial of Service by processing a specially crafted ELF file. The vulnerability arises during ELF processing and can cause the host to become unresponsive due to excessive resource consumption or a program crash. CVSS...

CVE-2025-69644

CVE-2025-69644 affects Binutils before 2.46, where objdump may loop indefinitely when parsing crafted binaries with malformed DWARF debug information due to a logic flaw in DWARF location list header handling. This can cause unbounded resource consumption and endless output, enabling a local atta...

CVE-2025-69646

CVE-2025-69646 affects GNU Binutils’ objdump. A logic error in handling the debug_rnglists header when processing a crafted binary (notably seen in binutils 2.44) can cause an unbounded logging loop, consuming CPU/I/O and preventing completion of objdump analysis. Affected component: objdump in b...

CVE-2025-69647

CVE-2025-69647 affects GNU Binutils readelf before or up to 2.45.1. A logic flaw in the DWARF loclists parser can cause readelf to loop indefinitely while processing a crafted binary, consuming CPU and I/O and effectively denying analysis progress. This is triggered by a malicious input file and ...