Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-11082

Опубликовано: 27 сент. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.3

Описание

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

РелизСтатусПримечание
devel

not-affected

2.45.50.20251125-1ubuntu1
esm-infra-legacy/trusty

released

2.24-5ubuntu14.2+esm8
esm-infra/bionic

released

2.30-21ubuntu1~18.04.9+esm13
esm-infra/focal

released

2.34-6ubuntu1.11+esm2
esm-infra/xenial

released

2.26.1-1ubuntu1~16.04.8+esm14
jammy

released

2.38-4ubuntu2.10
noble

released

2.42-4ubuntu2.6
plucky

released

2.44-3ubuntu1.1
questing

released

2.45-7ubuntu1.2
upstream

released

2.46

Показывать по

Ссылки на источники

EPSS

Процентиль: 6%
0.00023
Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-11082

CVSS3: 5.3
nvd
4 месяца назад

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

msrc логотип

CVE-2025-11082

CVSS3: 5.3
msrc
4 месяца назад

GNU Binutils Linker elf-eh-frame.c _bfd_elf_parse_eh_frame heap-based overflow

debian логотип

CVE-2025-11082

CVSS3: 5.3
debian
4 месяца назад

A flaw has been found in GNU Binutils 2.45. Impacted is the function _ ...

github логотип

GHSA-4whc-3xqp-jprr

CVSS3: 5.3
github
4 месяца назад

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

fstec логотип

BDU:2025-13243

CVSS3: 5.3
fstec
4 месяца назад

Уязвимость функции _bfd_elf_parse_eh_frame() программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 6%
0.00023
Низкий

4.3 Medium

CVSS2

5.3 Medium

CVSS3