Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-11083

Опубликовано: 27 сент. 2025
Источник: debian
EPSS Низкий

Описание

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binutilsunfixedpackage

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=33457

  • https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9ca499644a21ceb3f946d1c179c38a83be084490

  • binutils not covered by security support

EPSS

Процентиль: 3%
0.00023
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-11083

CVSS3: 5.3
ubuntu
около 2 месяцев назад

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

nvd логотип

CVE-2025-11083

CVSS3: 5.3
nvd
около 2 месяцев назад

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

msrc логотип

CVE-2025-11083

CVSS3: 5.5
msrc
около 2 месяцев назад

GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow

github логотип

GHSA-fmx9-hrmg-3x9v

CVSS3: 5.3
github
около 2 месяцев назад

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

redos логотип

ROS-20251106-05

CVSS3: 7.8
redos
14 дней назад

Множественные уязвимости binutils

EPSS

Процентиль: 3%
0.00023
Низкий