Denial of Service Flaw in Binutils Affects Users Processing ELF Files
CVE-2026-6845

5MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-6845?

A flaw exists in the Binutils package, specifically within the readelf utility, enabling local attackers to induce a Denial of Service (DoS) condition. By persuading users to process a specially crafted Executable and Linkable Format (ELF) file, the attack can lead to significant resource overhead or a potential crash of the system. This can render the affected system unresponsive, highlighting the importance of vigilance and timely updates for systems utilizing Binutils.

References

https://access.redhat.com/security/cve/CVE-2026-6845

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2460012

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Apr 22, 2026

CVE-2026-6845 Data

JSON

Red Hat

What is CVE-2026-6845?

References

CVSS V3.1

Timeline