2404439 – (CVE-2025-11839) CVE-2025-11839 binutils: GNU Binutils prdbg.c tg_tag_type return value

Bug 2404439 (CVE-2025-11839) - CVE-2025-11839 binutils: GNU Binutils prdbg.c tg_tag_type return value

Summary: CVE-2025-11839 binutils: GNU Binutils prdbg.c tg_tag_type return value

Keywords:
Status:	NEW
Alias:	CVE-2025-11839
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2404492 2404493 2404494 2404495 2404496 2404497 2404498 2404500 2404501 2404502 2404503 2404504 2404506 2404507 2404508 2404509 2404499 2404505
Blocks:
TreeView+	depends on / blocked

Reported:	2025-10-16 15:01 UTC by OSIDB Bzimport
Modified:	2025-10-16 17:06 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-10-16 15:01:44 UTC

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

Note You need to log in before you can comment on or make changes to this bug.