CNNVD-202510-872 Information
CNNVD ID
CNNVD-202510-872
Related CVE
- CNNVD Published: 2025-10-07
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils 2.45版本存在安全漏洞,该漏洞源于对文件bfd/elflink.c中函数get_link_hash_entry的错误操作,可能导致越界读取。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. There is a security loophole in version 2.45 of GNU Binutils, which results from a mishandling of the get link hash entry function in document cfd/elflink.c, which may result in cross-border reading.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-10-07
Last Modified
2026-02-24
References
https://sourceware.org/bugzilla/attachment.cgi?id=16361 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aeaaa9af6359c8e394ce9cf24911fec4f4d23703 https://vuldb.com/?ctiid.327350 https://sourceware.org/bugzilla/show_bug.cgi?id=33450 https://vuldb.com/?id.327350 https://vuldb.com/?submit.665591 https://www.gnu.org/ https://vigilance.fr/vulnerability/GNU-Binutils-three-vulnerabilities-dated-14-11-2025-48776
Patch
https://sourceware.org/bugzilla/show_bug.cgi?id=33450
Share on: