rpm package
almalinux/binutils
pkg:rpm/almalinux/binutils
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-11083 | Med | 5.3 | < 2.41-58.el10_1.2.alma.1 | 2.41-58.el10_1.2.alma.1 | Sep 27, 2025 | A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclos | |
| CVE-2025-11082 | Med | 5.3 | < 2.41-58.el10_1.2.alma.1 | 2.41-58.el10_1.2.alma.1 | Sep 27, 2025 | A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been pu | |
| CVE-2025-5244 | Med | 5.3 | < 2.41-58.el10.alma.1 | 2.41-58.el10.alma.1 | May 27, 2025 | A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit | |
| CVE-2022-4285 | — | < 2.30-119.el8_8.2 | 2.30-119.el8_8.2 | Jan 27, 2023 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | ||
| CVE-2018-12699 | — | < 2.30-125.el8_10 | 2.30-125.el8_10 | Jun 23, 2018 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. |
- affected < 2.41-58.el10_1.2.alma.1fixed 2.41-58.el10_1.2.alma.1
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclos
- affected < 2.41-58.el10_1.2.alma.1fixed 2.41-58.el10_1.2.alma.1
A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been pu
- affected < 2.41-58.el10.alma.1fixed 2.41-58.el10.alma.1
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit
- CVE-2022-4285Jan 27, 2023affected < 2.30-119.el8_8.2fixed 2.30-119.el8_8.2
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
- CVE-2018-12699Jun 23, 2018affected < 2.30-125.el8_10fixed 2.30-125.el8_10
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.