GNU Binutils Buffer Overflow Vulnerability in the 'nm' Component

Vulnerability

A buffer overflow vulnerability has been identified in GNU Binutils version 2.43, specifically within the 'nm' component. The issue arises in the function '__sanitizer::internal_strlen' in 'binutils/nm.c', where improper manipulation of the argument const creates the potential for a buffer overflow. This vulnerability can be exploited remotely, although the complexity of the attack is considered high, making exploitation difficult.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GNU Binutils Buffer Overflow Vulnerability in the 'nm' Component

Vulnerability

Impact

Affected Products

GNU Binutils

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating