Unrated severityNVD Advisory· Published Mar 6, 2026· Updated Mar 9, 2026
CVE-2025-69652
CVE-2025-69652
Description
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.
Affected products
10- GNU Binutils/readelfdescription
- osv-coords8 versionspkg:apk/chainguard/binutilspkg:apk/chainguard/binutils-devpkg:apk/chainguard/binutils-docpkg:apk/chainguard/binutils-goldpkg:apk/wolfi/binutilspkg:apk/wolfi/binutils-devpkg:apk/wolfi/binutils-docpkg:apk/wolfi/binutils-gold
< 2.46.1-r0+ 7 more
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
- (no CPE)range: < 2.46.1-r0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.