CNNVD-202507-1795 Information
CNNVD ID
CNNVD-202507-1795
Related CVE
- CNNVD Published: 2025-07-13
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils(GNU Binary Utilities) 2.45版本存在安全漏洞,该漏洞源于对文件binutils/objcopy.c中函数copy_section的错误操作导致堆缓冲区溢出。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. Version 2.45 of GNU Binutils (GNU Binary Utilities) contains a security loophole, which results from an error in the document binutils/objcopy.c function copy section resulting in the spilling out of the buffer zone.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-07-13
Last Modified
2026-02-24
References
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 https://vuldb.com/?id.316243 https://vuldb.com/?ctiid.316243 https://sourceware.org/bugzilla/show_bug.cgi?id=33049 https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1 https://vuldb.com/?submit.614355 https://sourceware.org/bugzilla/attachment.cgi?id=16117 https://www.gnu.org/ https://vigilance.fr/vulnerability/mingw-binutils-buffer-overflow-dated-28-07-2025-47796
Patch
https://ftp.gnu.org/gnu/binutils/
Share on: