Unrated severityNVD Advisory· Published Feb 11, 2025· Updated Feb 11, 2025

GNU Binutils ld libbfd.c bfd_putl64 memory corruption

CVE-2025-1179

Description

A critical memory corruption vulnerability in GNU Binutils 2.43's ld component via bfd_putl64, requiring high attack complexity.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A critical memory corruption vulnerability in GNU Binutils 2.43's ld component via bfd_putl64, requiring high attack complexity.

Vulnerability

A critical memory corruption vulnerability exists in GNU Binutils version 2.43. The flaw is located in the bfd_putl64 function within the file bfd/libbfd.c of the ld component [1]. The vulnerability is triggered during specific manipulation, leading to memory corruption. The affected version is 2.43; the issue has been fixed in version 2.44 [1].

Exploitation

The attack can be launched remotely, but the complexity is high and exploitation is considered difficult [1]. An attacker would need to craft a malicious input that triggers the memory corruption through the bfd_putl64 function in the linker. Public exploit details have been disclosed, which could aid in weaponization [1].

Impact

Successful exploitation results in memory corruption, which could lead to denial of service, information disclosure, or potentially arbitrary code execution depending on the specific corruption. The attack is remotely exploitable, raising the severity to critical [1].

Mitigation

Upgrading to GNU Binutils version 2.44 is recommended to address this issue [1]. The code maintainer states that the bug was fixed between the 2.43 and 2.44 releases [1]. No workarounds have been disclosed in the available references.

References

The GNU Operating System and the Free Software Movement

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

112

GNU/Binutilsllm-fuzzy2 versions
=2.43+ 1 more
- (no CPE)range: =2.43
- (no CPE)range: 2.43
osv-coords110 versions
pkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/binutils&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/bpftool&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-bpf-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-bpf-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-loongarch64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-pru-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-pru-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/cross-xtensa-binutils&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/cross-xtensa-binutils&distro=openSUSE%20Leap%2016.0 pkg:rpm/opensuse/openucx&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/perf&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/binutils&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2016.0 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0 pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Micro%206.2 pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Proxy%20LTS%204.3 pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Server%20LTS%204.3 pkg:rpm/suse/bpftool&distro=SUSE%20Linux%20Enterprise%20Server%2016.0 pkg:rpm/suse/bpftool&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0 pkg:rpm/suse/openucx&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/openucx&distro=SUSE%20Manager%20Proxy%20LTS%204.3 pkg:rpm/suse/openucx&distro=SUSE%20Manager%20Server%20LTS%204.3 pkg:rpm/suse/perf&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7 pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
< 2.45-150100.7.57.1+ 109 more
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-1.2
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 1.15.0-150600.3.5.2
- (no CPE)range: < 6.4.0.git33229.a3afe13a7f-150600.3.17.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.15.0-150600.3.5.2
- (no CPE)range: < 1.17.0-150700.4.2.7
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 6.4.0.git33229.a3afe13a7f-150600.3.17.1
- (no CPE)range: < 6.4.0.git54263.0aad576b1c-150700.3.2.2
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1

Patches

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

sourceware.org/bugzilla/show_bug.cgimitreissue-trackingpatch
sourceware.org/bugzilla/attachment.cgimitreexploit
vuldb.commitrethird-party-advisory
sourceware.org/bugzilla/show_bug.cgimitreissue-tracking
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description
www.gnu.orgmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000