Unrated severityNVD Advisory· Published Feb 11, 2025· Updated Apr 25, 2025
GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption
CVE-2025-1181
Description
Memory corruption in GNU Binutils 2.43's ld via _bfd_elf_gc_mark_rsec; patch available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory corruption in GNU Binutils 2.43's ld via _bfd_elf_gc_mark_rsec; patch available.
Vulnerability
The vulnerability is a memory corruption issue in the _bfd_elf_gc_mark_rsec function in bfd/elflink.c of GNU Binutils version 2.43. It affects the ld component. The vulnerability is triggered during link-time garbage collection. The patch is identified by commit 931494c9a89558acb36a03a340c01726545eef24. [1]
Exploitation
An attacker can trigger this vulnerability remotely, but the attack complexity is high, making exploitation difficult. The exploit has been disclosed publicly. Crafted object files likely cause memory corruption during the garbage collection process.
Impact
Successful exploitation results in memory corruption, which may lead to arbitrary code execution or denial of service.
Mitigation
Apply the patch identified by commit 931494c9a89558acb36a03a340c01726545eef24. This fix is available from the GNU Binutils repository. Until patched, avoid using the affected version with untrusted input.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
112- osv-coords110 versionspkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/binutils&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/bpftool&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-aarch64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-arm-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-bpf-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-bpf-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-epiphany-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-hppa64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-hppa-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-i386-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-ia64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-loongarch64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-m68k-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-mips-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-ppc64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-ppc64le-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-ppc-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-pru-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-pru-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-riscv64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-rx-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-s390-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-s390x-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-sparc64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-sparc-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-spu-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-x86_64-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/cross-xtensa-binutils&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/cross-xtensa-binutils&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/openucx&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/perf&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/binutils&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/bpftool&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/bpftool&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/openucx&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/openucx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/openucx&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/openucx&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/perf&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/perf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
< 2.45-150100.7.57.1+ 109 more
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-1.2
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 1.15.0-150600.3.5.2
- (no CPE)range: < 6.4.0.git33229.a3afe13a7f-150600.3.17.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-160000.1.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 2.45-150100.7.57.1
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 7.5.0-160000.2.3
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.15.0-150600.3.5.2
- (no CPE)range: < 1.17.0-150700.4.2.7
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.9.0-150300.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.13.1-150500.4.2.5
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 1.11.1-150400.4.2.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 6.4.0.git33229.a3afe13a7f-150600.3.17.1
- (no CPE)range: < 6.4.0.git54263.0aad576b1c-150700.3.2.2
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1
- (no CPE)range: < 5.3.18-150300.38.7.1
- (no CPE)range: < 5.14.21-150400.44.20.1
- (no CPE)range: < 5.14.21-150500.52.5.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- sourceware.org/bugzilla/attachment.cgimitreexploit
- vuldb.commitrethird-party-advisory
- sourceware.org/bugzilla/show_bug.cgimitreissue-tracking
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.gnu.orgmitreproduct
News mentions
0No linked articles in our index yet.