VYPR

Binutils

by GNU

Source repositories

CVEs (273)

  • CVE-2025-11082MedSep 27, 2025
    risk 0.34cvss 5.3epss 0.00

    A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been…

  • CVE-2025-7546MedJul 13, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local…

  • CVE-2025-7545MedJul 13, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been…

  • CVE-2025-5245MedMay 27, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The…

  • CVE-2025-5244MedMay 27, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The…

  • CVE-2026-6845MedApr 22, 2026
    risk 0.33cvss 5.0epss 0.00

    A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw…

  • CVE-2025-11840LowOct 16, 2025
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be…

  • CVE-2025-11839LowOct 16, 2025
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used…

  • CVE-2025-11495LowOct 8, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has…

  • CVE-2025-11494LowOct 8, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made…

  • CVE-2025-11414LowOct 7, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been…

  • CVE-2025-11413LowOct 7, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and…

  • CVE-2025-11412LowOct 7, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been…

  • CVE-2025-11081LowSep 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used.…

  • CVE-2025-8225LowJul 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The…

  • CVE-2025-8224LowJul 27, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to…

  • CVE-2025-3198LowApr 4, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached…

  • CVE-2005-4807Dec 31, 2005
    risk 0.04cvss epss 0.12

    Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.

  • CVE-2014-8485Dec 9, 2014
    risk 0.01cvss epss 0.07

    The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.

  • CVE-2026-4647Mar 23, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being…

Page 8 of 14