VYPR
← All advisories
Medium severity5.3NVD Advisory· Published May 27, 2025· Updated May 12, 2026

CVE-2025-5245

CVE-2025-5245

Description

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Memory corruption in GNU Binutils objdump's debug_type_samep allows local attackers to crash or execute code; patch recommended.

Vulnerability

A critical vulnerability in GNU Binutils up to version 2.44 affects the debug_type_samep function in /binutils/debug.c of the objdump component. The manipulation leads to memory corruption.

Exploitation

Local access is required, meaning an attacker must have a local account or be able to trick a user into opening a crafted binary with objdump. The exploit has been publicly disclosed.

Impact

Successful exploitation could result in memory corruption, potentially leading to process crashes or arbitrary code execution. The CVSS score of 5.3 (Medium) indicates moderate severity.

Mitigation

A patch is recommended to fix the issue. Users should update GNU Binutils to a patched version and avoid processing untrusted binaries with objdump until patched.

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • GNU/Binutilsllm-fuzzy2 versions
    <=2.44+ 1 more
    • (no CPE)range: <=2.44
    • (no CPE)range: 2.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.