CVE-2025-1153

CVE-2025-1153

Name

CVE-2025-1153

Description

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

NVD Severity

low

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
issue-tracking	https://sourceware.org/bugzilla/show_bug.cgi?id=32603
patch	https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150
signature	https://vuldb.com/?ctiid.295057
vdb-entry	https://vuldb.com/?id.295057
third-party-advisory	https://vuldb.com/?submit.489991
product	https://www.gnu.org/
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20250404-0005/

Type

URI

issue-tracking

https://sourceware.org/bugzilla/show_bug.cgi?id=32603

patch

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150

signature

https://vuldb.com/?ctiid.295057

vdb-entry

https://vuldb.com/?id.295057

third-party-advisory

https://vuldb.com/?submit.489991

product

https://www.gnu.org/

af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20250404-0005/

CPE URI	Source package	Min version	Max version
	binutils	== 2.43	== 2.43
	binutils	== 2.44	== 2.44

CPE URI

Source package

Min version

Max version

binutils

== 2.43

binutils

== 2.44

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
binutils	edge-main	2.44-r4	Natanael Copa <ncopa@alpinelinux.org>	fixed
binutils	edge-main	2.44-r3	Natanael Copa <ncopa@alpinelinux.org>	fixed
binutils	edge-main	2.44-r2	Natanael Copa <ncopa@alpinelinux.org>	fixed
binutils	edge-main	2.44-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
binutils	3.22-main	2.44-r3	Natanael Copa <ncopa@alpinelinux.org>	fixed
binutils	3.22-main	2.44-r2	Natanael Copa <ncopa@alpinelinux.org>	fixed
binutils	3.22-main	2.44-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
binutils	3.21-main	2.43.1-r3	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

binutils

edge-main

2.44-r4

Natanael Copa <ncopa@alpinelinux.org>

fixed

binutils

edge-main