GNU Binutils Return Value Vulnerability in prdbg.c tg_tag_type Function

Vulnerability

An unchecked return value vulnerability has been identified in GNU Binutils version 2.45, in the function tg_tag_type within the file prdbg.c. Manipulation leads to an unchecked return value, which can cause a denial-of-service condition. Exploitation requires local access.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash or become unresponsive.

Reproduction

The vulnerability can be reproduced by compiling GNU Binutils 2.45 with debugging information enabled. After compiling, the 'objdump' command can be used to disassemble a file with specific options that trigger the vulnerability. The 'tg_tag_type' function will then abort the process, causing a crash.
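A simplified model of the bug class named above, an unchecked return value that ends in abort(), shown beside a hardened form. This is an added example, not code from GNU Binutils or prdbg.c; the one-byte record format and all function names are hypothetical.

```c
/* Constructed illustration, NOT code from GNU Binutils; all names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

enum tag_kind { TAG_INVALID = 0, TAG_STRUCT, TAG_UNION, TAG_ENUM };

/* Parse the kind byte of a debug record; false means the record is malformed. */
static bool read_tag_kind(const unsigned char *rec, size_t len, enum tag_kind *out)
{
    bool ok = len >= 1 && rec[0] >= TAG_STRUCT && rec[0] <= TAG_ENUM;
    *out = ok ? (enum tag_kind)rec[0] : TAG_INVALID;
    return ok;
}

static const char *keyword(enum tag_kind k)
{
    switch (k) {
    case TAG_STRUCT: return "struct";
    case TAG_UNION:  return "union";
    case TAG_ENUM:   return "enum";
    default:         abort(); /* "cannot happen" path, reachable when callers skip the check */
    }
}

/* Weak form: the parser's return value is ignored, so a malformed record aborts the process. */
const char *tag_keyword_unchecked(const unsigned char *rec, size_t len)
{
    enum tag_kind k;
    read_tag_kind(rec, len, &k);
    return keyword(k);
}

/* Hardened form: the failure is propagated, so the caller can report and skip the record. */
bool tag_keyword_checked(const unsigned char *rec, size_t len, const char **kw)
{
    enum tag_kind k;
    bool ok = read_tag_kind(rec, len, &k);
    *kw = ok ? keyword(k) : NULL;
    return ok;
}

int main(void)
{
    const unsigned char good[] = { TAG_UNION }, bad[] = { 0x7f }; /* constructed records */
    const char *kw;
    printf("good=%s bad_ok=%d\n", tag_keyword_unchecked(good, 1), tag_keyword_checked(bad, 1, &kw));
    return 0;
}
```

Passing the malformed record to tag_keyword_unchecked terminates the process with SIGABRT, which is the denial-of-service outcome; tag_keyword_checked returns false for the same input.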

Added: Oct 16, 2025, 2:41 PM
Updated: Oct 16, 2025, 3:40 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.