CVE-2025-69649

GNU Binutils up to 2.46 readelf contains a null pointer dereference vulnerability during relocation processing of crafted ELF headers; an invalid or null section pointer passed to display_relocations() can cause a segmentation fault. No evidence of memory corruption beyond the null pointer derefe...

CVE-2025-69651

CVE-2025-69651 affects GNU Binutils through version 2.46, specifically the readelf component. The vulnerability arises from an invalid pointer free when parsing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations exits early, the internal all_relocations array may b...

CVE-2025-69650

CVE-2025-69650 affects GNU Binutils up to 2.46. A readelf-related vulnerability occurs when processing a crafted ELF with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array, causing process_got_section_conten...

CVE-2025-69652

CVE-2025-69652 concerns GNU Binutils up to 2.46, specifically the readelf component. A crafted ELF binary with malformed DWARF abbrev or debug information can trigger an abort (SIGABRT) due to incomplete state cleanup in process_debug_info(), allowing an invalid debug_info_p state to propagate in...

CVE-2026-6846

CVE-2026-6846 describes a heap-buffer-overflow in GNU binutils during linking when processing a specially crafted XCOFF object file. The vulnerability affects the XCOFF handling code, where a crafted file can trigger arbitrary code execution or a denial of service. The advisory notes local exploi...