CNNVD-202507-3409 Information
CNNVD ID
CNNVD-202507-3409
Related CVE
- CNNVD Published: 2025-07-27
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils(GNU Binary Utilities)2.44版本存在安全漏洞,该漏洞源于组件BFD Library中文件bfd/elf.c的函数bfd_elf_get_str_section存在空指针取消引用。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. There is a security loophole in version 2.44 of GNU Binary Utilities, which is derived from the function of document bfd/elf.c in component BFD Library.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-07-27
Last Modified
2026-02-24
References
https://sourceware.org/bugzilla/show_bug.cgi?id=32109 https://vuldb.com/?submit.621878 https://vuldb.com/?id.317812 https://sourceware.org/bugzilla/attachment.cgi?id=15680 https://sourceware.org/bugzilla/show_bug.cgi?id=32109#c2 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db856d41004301b3a56438efd957ef5cabb91530 https://www.gnu.org/ https://vuldb.com/?ctiid.317812 https://vigilance.fr/vulnerability/GNU-Binutils-NULL-pointer-dereference-via-bfd-elf-get-str-section-47843
Patch
https://ftp.gnu.org/gnu/binutils/
Share on: