Primary

Context

GNU Binutils Memory Leak Vulnerability in ld Component

Vulnerability

Patched

A memory leak vulnerability has been identified in GNU Binutils version 2.43. This issue arises in the ld component, specifically within the xmemdup function of xmemdup.c. The vulnerability allows for a remote memory leak, where the application fails to properly manage and release allocated memory, leading to increased memory consumption over time. Although the vulnerability can be exploited remotely, it requires user interaction and is considered to have a high attack complexity.

Impact

Exploitation of this vulnerability leads to a memory leak, causing increased memory usage that is not properly released, which can degrade system performance over time.

Remediation

Users are advised to apply the available patch to address this vulnerability. The patch can be found in the official GNU Binutils repository.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.8

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

5.8

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GNU Binutils Memory Leak Vulnerability in ld Component

Vulnerability

Impact

Remediation

Affected Products

GNU Binutils

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating