Primary

Context

GNU Binutils Memory Corruption Vulnerability in ld Component

Vulnerability

Patched

A critical memory corruption vulnerability has been identified in GNU Binutils versions through 2.44. The issue arises in the ld component, specifically within the elf_gc_sweep function of the file bfd/elflink.c. This vulnerability requires local access to exploit and has been publicly disclosed, with an available proof-of-concept exploit.

Impact

Exploitation of this vulnerability leads to memory corruption.

Remediation

Upgrading to GNU Binutils version 2.45 addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

4.6

remediation

7.7

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GNU Binutils Memory Corruption Vulnerability in ld Component

Vulnerability

Impact

Remediation

Affected Products

GNU Binutils

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating