Unrated severityNVD Advisory· Published Mar 15, 2026· Updated Apr 28, 2026
Binutils: gnu binutils: information disclosure via specially crafted xcoff object file
CVE-2026-3441
Description
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- cpe:/a:redhat:hummingbird:1
- cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10+ 4 more
- cpe:/o:redhat:enterprise_linux:10
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
- osv-coords2 versions
< 2.46.1-r2+ 1 more
- (no CPE)range: < 2.46.1-r2
- (no CPE)range: < 2.46.1-r2
Patches
Vulnerability mechanics
References
2- access.redhat.com/security/cve/CVE-2026-3441mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
News mentions
0No linked articles in our index yet.