Memory Corruption Vulnerability in GNU Binutils by GNU
CVE-2025-1153
2.3LOW
Summary
A memory corruption vulnerability was discovered in GNU Binutils versions 2.43 and 2.44, specifically within the bfd_set_format function in file format.c. This flaw can be exploited remotely, although achieving successful exploitation requires a high level of sophistication. Users are strongly advised to upgrade to version 2.45 to mitigate the risk associated with this vulnerability. The patch addressing this issue is associated with identifier 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150.
Affected Version(s)
Binutils 2.43
Binutils 2.44
References
CVSS V4
Score:
2.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
wenjusun (VulDB User)