CVE-2026-4647

Medium CVSS: 6.1

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.

Vendor

Gnu

Product

Binutils

CWE

CWE-125

Yayın Tarihi

2026-03-23 14:16:36

Güncelleme

2026-03-24 19:02:03

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-125 Binutils MEDIUM Gnu 2026

Referanslar

https://access.redhat.com/security/cve/CVE-2026-4647 https://bugzilla.redhat.com/show_bug.cgi?id=2450302 https://sourceware.org/bugzilla/show_bug.cgi?id=33919

Benzer Kayıtlar

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…

Medium

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

Medium

CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

High

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary wi…

High

CVE-2025-69650

GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed…