CNNVD-202509-4229 Information
CNNVD ID
CNNVD-202509-4229
Related CVE
- CNNVD Published: 2025-09-27
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils 2.45版本存在安全漏洞,该漏洞源于bfd/elfcode.h库中elf_swap_shdr函数存在堆缓冲区溢出,可能导致本地攻击。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. There is a security loophole in version 2.45 of GNU Binutils, which originates from the presence of the elf swap shdr function in the bfd/elfcode.h library, which could lead to local attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-09-27
Last Modified
2026-02-24
References
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9ca499644a21ceb3f946d1c179c38a83be084490 https://vuldb.com/?id.326124 https://vuldb.com/?ctiid.326124 https://vuldb.com/?submit.661277 https://sourceware.org/bugzilla/show_bug.cgi?id=33457#c1 https://sourceware.org/bugzilla/attachment.cgi?id=16353 https://www.gnu.org/ https://vigilance.fr/vulnerability/GNU-Binutils-buffer-overflow-via-elf-swap-shdr-48425
Patch
https://www.gnu.org/distros/free-distros.html
Share on: