CVE-2025-11081

Medium CVSS: 4.8

A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.

Vendor

Gnu

Product

Binutils

CWE

CWE-119

Yayın Tarihi

2025-09-27 22:15:32

Güncelleme

2025-10-03 16:51:07

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Binutils MEDIUM Gnu 2025

Referanslar

https://github.com/user-attachments/files/20623354/hdf5_crash_3.txt https://sourceware.org/bugzilla/show_bug.cgi?id=33406 https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b https://vuldb.com/?ctiid.326122 https://vuldb.com/?id.326122 https://vuldb.com/?submit.661275 https://www.gnu.org/

Benzer Kayıtlar

High

CVE-2026-4046

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when convertin…

Medium

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files…

High

CVE-2026-4437

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the…

Medium

CVE-2026-4438

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the…

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…