Memory Leak Vulnerability in GNU Binutils by GNU
CVE-2025-8225

4.8MEDIUM

Key Information:

Vendor

Gnu
Status
Binutils
Vendor
CVE Published:
27 July 2025

What is CVE-2025-8225?

A significant memory leak vulnerability has been discovered in GNU Binutils 2.44, specifically within the process_debug_info function of the DWARF Section Handler. This flaw could potentially be exploited via local attack vectors to manipulate and leak memory. To mitigate this issue, it is crucial to implement the patch identified by commit e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. Regular application of security updates is essential to ensure the integrity of the system.

Affected Version(s)

Binutils 2.44

References

https://vuldb.com/?id.317813
vdb-entrytechnical-description
https://vuldb.com/?ctiid.317813
signaturepermissions-required
https://vuldb.com/?submit.621883
third-party-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

arthurx (VulDB User)
JSON
.