CNNVD-202510-876 Information
CNNVD ID
CNNVD-202510-876
Related CVE
- CNNVD Published: 2025-10-07
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils(GNU Binary Utilities) 2.45版本存在安全漏洞,该漏洞源于对文件bfd/elflink.c中函数elf_link_add_object_symbols的错误操作,可能导致越界读取。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. There is a security loophole in version 2.45 of GNU Binutils (GNU Binary Utilities) resulting from an error in the function elf link add object symbols of document bfd/elflink.c, which may result in cross-border reading.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-10-07
Last Modified
2026-02-24
References
https://sourceware.org/bugzilla/show_bug.cgi?id=33456#c10 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0 https://sourceware.org/bugzilla/attachment.cgi?id=16362 https://sourceware.org/bugzilla/show_bug.cgi?id=33452 https://vuldb.com/?submit.665587 https://vuldb.com/?ctiid.327349 https://vuldb.com/?id.327349 https://www.gnu.org/ https://vigilance.fr/vulnerability/GNU-Binutils-three-vulnerabilities-dated-14-11-2025-48776
Patch
https://sourceware.org/bugzilla/show_bug.cgi?id=33452
Share on: