CVE-2025-3198

Name
CVE-2025-3198
Description
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vdb-entry https://vuldb.com/?id.303151
signature https://vuldb.com/?ctiid.303151
third-party-advisory https://vuldb.com/?submit.545773
issue-tracking https://sourceware.org/bugzilla/show_bug.cgi?id=32716
exploit https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0
patch https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d
product https://www.gnu.org/

Match rules

CPE URI Source package Min version Max version
binutils == 2.43 == 2.43
binutils == 2.44 == 2.44
cpe:2.3:a:gnu:binutils:2.43:*:*:*:*:*:*:* binutils == None == 2.43
cpe:2.3:a:gnu:binutils:2.44:*:*:*:*:*:*:* binutils == None == 2.44

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
binutils edge-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable