Primary

Context

GNU Binutils Memory Corruption Vulnerability in ld Component

Vulnerability

A critical memory corruption vulnerability has been identified in GNU Binutils versions through 2.43. This issue arises in the ld component, specifically within the _bfd_elf_gc_mark_rsec function in bfd/elflink.c. The vulnerability can be exploited remotely, although the attack's complexity is considered high, making successful exploitation difficult.

Impact

Exploitation of this vulnerability could lead to memory corruption, with potential consequences including the disclosure of sensitive information, unauthorized data modification, or a denial-of-service condition.

Remediation

Users are advised to apply the patch identified by the commit hash 931494c9a89558acb36a03a340c01726545eef24 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GNU Binutils Memory Corruption Vulnerability in ld Component

Vulnerability

Impact

Remediation

Affected Products

GNU Binutils

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating