CNNVD-202510-1119 Information
CNNVD ID
CNNVD-202510-1119
Related CVE
- CNNVD Published: 2025-10-08
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils 2.45版本存在安全漏洞,该漏洞源于elf64-x86-64.c文件中elf_x86_64_relocate_section函数存在堆缓冲区溢出,可能导致执行任意代码。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. The security gap in version 2.45 of the GNU Binutils stems from the spilling of a stack of buffers from the elf x86 64 relocate section function in document elf64-x86-64.c, which may result in the implementation of any code.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-10-08
Last Modified
2026-02-24
References
https://sourceware.org/bugzilla/attachment.cgi?id=16393 https://sourceware.org/bugzilla/show_bug.cgi?id=33502 https://sourceware.org/bugzilla/show_bug.cgi?id=33502#c3 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0 https://vuldb.com/?ctiid.327620 https://vuldb.com/?id.327620 https://vuldb.com/?submit.668290 https://www.gnu.org/
Patch
https://ftp.gnu.org/gnu/binutils/
Share on: