Bug 2445299 (CVE-2025-69651)
| Summary: | CVE-2025-69651 binutils: Binutils: Denial of Service via crafted ELF binary processing | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | crizzo, gtanzill, jbuscemi, jmitchel, kshier, pbohmill, teagle |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in binutils. An attacker could exploit this vulnerability by providing a crafted Executable and Linkable Format (ELF) binary with malformed relocation or symbol data. Processing this malicious binary leads to an invalid pointer free, which triggers memory corruption checks and causes the program to terminate.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2445384, 2445385, 2445390, 2445391, 2445386, 2445387, 2445388, 2445389 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2026-03-06 19:01:52 UTC
|