Lucene search
K

15 matches found

CVE
CVE
added 2026/03/15 12:19 a.m.69 views

CVE-2026-3442

CVE-2026-3442 is a reported heap-based buffer overflow in the GNU Binutils bfd linker, caused by a missing r_symndx bounds check in xcoff_link_add_symbols. Exploitation would involve processing a crafted XCOFF object file and could lead to information disclosure or an application crash/DoS. Multi...

7.1CVSS5.9AI score0.00245EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.63 views

CVE-2025-69649

CVE-2025-69649 affects GNU Binutils up to version 2.46 (readelf). A vulnerability in relocation processing can pass an invalid or null section pointer to display_relocations(), causing a null pointer dereference that leads to a segmentation fault (SIGSEGV) and process termination. The available s...

7.5CVSS5.8AI score0.00256EPSS
CVE
CVE
added 2026/04/22 8:37 a.m.61 views

CVE-2026-6846

CVE-2026-6846 describes a heap-buffer-overflow in GNU binutils during linking when processing a specially crafted XCOFF object file. The vulnerability affects the XCOFF handling code, where a crafted file can trigger arbitrary code execution or a denial of service. The advisory notes local exploi...

7.8CVSS5.9AI score0.00171EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.57 views

CVE-2025-69651

CVE-2025-69651 affects GNU Binutils through version 2.46, specifically the readelf component. The vulnerability arises from an invalid pointer free when parsing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations exits early, the internal all_relocations array may b...

5.5CVSS6.1AI score0.0024EPSS
CVE
CVE
added 2026/03/15 12:19 a.m.54 views

CVE-2026-3441

CVE-2026-3441 affects GNU Binutils, specifically an out-of-bounds read in the xcoff linker (bfd) triggered by processing a crafted XCOFF object file. The root cause is an out-of-bounds read in xcoff_link_add_symbols due to a bounds check issue on x_scnlen, leading to potential information disclos...

7.1CVSS6AI score0.00176EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.53 views

CVE-2025-69650

CVE-2025-69650 affects GNU Binutils up to version 2.46, specifically the readelf tool. The vulnerability arises during GOT relocation handling: dump_relocations may return early and fail to initialize the all_relocations array, causing process_got_section_contents() to pass an uninitialized r_sym...

7.5CVSS6.2AI score0.00502EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.39 views

CVE-2025-69652

GNU Binutils readelf (up to version 2.46) contains a vulnerability when processing crafted ELF binaries with malformed DWARF/debug info. Root cause: incomplete cleanup in process_debug_info can leave invalid debug_info_p state, causing a fatal abort in byte_get_little_endian() for certain zero-le...

6.2CVSS6.1AI score0.00173EPSS
CVE
CVE
added 2026/04/22 8:37 a.m.30 views

CVE-2026-6844

CVE-2026-6844 affects the readelf utility in the binutils package. A crafted ELF file can trigger two DoS conditions: (1) resource exhaustion leading to out-of-memory and (2) a null pointer dereference causing a segmentation fault. Both can render readelf unresponsive or crash, resulting in denia...

5.5CVSS5.7AI score0.00104EPSS
CVE
CVE
added 2026/03/23 1:37 p.m.29 views

CVE-2026-4647

The CVE-2026-4647 issue affects the GNU Binutils BFD library when handling XCOFF object files. A relocation type value is not properly validated before use, allowing an out-of-bounds read. This can cause tools that process XCOFF binaries to crash or expose unintended memory contents, leading to d...

6.1CVSS5.7AI score0.00168EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.27 views

CVE-2025-69645

CVE-2025-69645 affects binutils objdump with a flaw in DWARF compilation unit handling that can drive an invalid offset_size into byte_get_little_endian, triggering a SIGABRT on crafted inputs. The issue is documented for binutils 2.44; several connected sources note a patch/release upgrade path ...

5.5CVSS5.8AI score0.00166EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.25 views

CVE-2025-69644

CVE-2025-69644 affects Binutils before 2.46, where objdump may loop indefinitely when parsing crafted binaries with malformed DWARF debug information due to a logic flaw in DWARF location list header handling. This can cause unbounded resource consumption and endless output, enabling a local atta...

5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/04/22 7:54 a.m.21 views

CVE-2026-6845

CVE-2026-6845 : A flaw in binutils/readelf allows a local attacker to trigger a Denial of Service by processing a specially crafted ELF file. The vulnerability arises during ELF processing and can cause the host to become unresponsive due to excessive resource consumption or a program crash. CVSS...

5CVSS5.7AI score0.00141EPSS
CVE
CVE
added 2026/03/09 12:0 a.m.20 views

CVE-2025-69648

CVE-2025-69648 affects GNU Binutils readelf (up to 2.45.1) and related mingw-binutils packages. The issue is a logic flaw in the DWARF parser when handling crafted binaries with malformed .debug_rnglists data, causing readelf to print the same warning in a loop and not make forward progress, resu...

6.2CVSS6.2AI score0.00176EPSS
CVE
CVE
added 2026/03/09 12:0 a.m.19 views

CVE-2025-69647

CVE-2025-69647 affects GNU Binutils readelf before or up to 2.45.1. A logic flaw in the DWARF loclists parser can cause readelf to loop indefinitely while processing a crafted binary, consuming CPU and I/O and effectively denying analysis progress. This is triggered by a malicious input file and ...

6.2CVSS5.8AI score0.00152EPSS
CVE
CVE
added 2026/03/06 12:0 a.m.13 views

CVE-2025-69646

CVE-2025-69646 affects GNU Binutils’ objdump. A logic error in handling the debug_rnglists header when processing a crafted binary (notably seen in binutils 2.44) can cause an unbounded logging loop, consuming CPU/I/O and preventing completion of objdump analysis. Affected component: objdump in b...

5.5CVSS5.8AI score0.00155EPSS