CVE-2026-3441

CVE-2026-3441 affects GNU Binutils, specifically an out-of-bounds read in the xcoff linker (bfd) triggered by processing a crafted XCOFF object file. The root cause is an out-of-bounds read in xcoff_link_add_symbols due to a bounds check issue on x_scnlen, leading to potential information disclos...

CVE-2026-3442

CVE-2026-3442 is a reported heap-based buffer overflow in the GNU Binutils bfd linker, caused by a missing r_symndx bounds check in xcoff_link_add_symbols. Exploitation would involve processing a crafted XCOFF object file and could lead to information disclosure or an application crash/DoS. Multi...

CVE-2026-4647

The CVE-2026-4647 issue affects the GNU Binutils BFD library when handling XCOFF object files. A relocation type value is not properly validated before use, allowing an out-of-bounds read. This can cause tools that process XCOFF binaries to crash or expose unintended memory contents, leading to d...

CVE-2026-6844

CVE-2026-6844 affects the readelf utility in the binutils package. A crafted ELF file can trigger two DoS conditions: (1) resource exhaustion leading to out-of-memory and (2) a null pointer dereference causing a segmentation fault. Both can render readelf unresponsive or crash, resulting in denia...

CVE-2026-6845

CVE-2026-6845 : A flaw in binutils/readelf allows a local attacker to trigger a Denial of Service by processing a specially crafted ELF file. The vulnerability arises during ELF processing and can cause the host to become unresponsive due to excessive resource consumption or a program crash. CVSS...