CNNVD-202510-877 Information
CNNVD ID
CNNVD-202510-877
Related CVE
- CNNVD Published: 2025-10-07
Description (Chinese)
GNU Binutils(GNU Binary Utilities)是美国GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils 2.45版本存在安全漏洞,该漏洞源于对文件bfd/elflink.c中函数bfd_elf_gc_record_vtentry的错误操作,可能导致越界读取。
Description (English)
GNU Binutils (GNU Binary Utilities) is a programming language tool developed by the GNU community in the United States. The program is used primarily to process target documents in multiple formats and to provide links, compilers and other tools for target documents and archives. There is a security loophole in version 2.45 of GNU Binutils, which results from an error in the function in document bfd/elflink.c, bfd elf gc record vtantry, which may result in cross-border reading.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
GNU
Published
2025-10-07
Last Modified
2026-02-24
References
https://sourceware.org/bugzilla/show_bug.cgi?id=33452 https://sourceware.org/bugzilla/attachment.cgi?id=16378 https://vuldb.com/?ctiid.327348 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=047435dd988a3975d40c6626a8f739a0b2e154bc https://sourceware.org/bugzilla/show_bug.cgi?id=33452#c8 https://vuldb.com/?id.327348 https://www.gnu.org/ https://vigilance.fr/vulnerability/GNU-Binutils-three-vulnerabilities-dated-14-11-2025-48776
Patch
https://sourceware.org/bugzilla/show_bug.cgi?id=33452
Share on: