GNU Binutils Memory Leak Vulnerability in ld Component

Vulnerability

A memory leak vulnerability has been identified in GNU Binutils version 2.43, specifically within the ld component's xstrdup function in libiberty/xmalloc.c. The leak can be triggered remotely: the application fails to properly manage and release allocated memory, so its memory consumption increases over time. The vulnerability has been publicly disclosed and is considered difficult to exploit, although a proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability leads to a memory leak, where the application consumes more memory over time without releasing it, potentially causing a denial-of-service condition by exhausting available memory resources.

Remediation

Users are advised to update to a version of GNU Binutils that includes the leak fixes available in the master branch. Applying these recommended updates patches the vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 5.8
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.