CVE-2025-5244

Name
CVE-2025-5244
Description
A vulnerability was found in GNU Binutils up to 2.44 and has been rated as critical. It affects the function elf_gc_sweep in the file bfd/elflink.c of the component ld. Manipulation leads to memory corruption. The attack requires local access. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 addresses this issue, and upgrading the affected component is recommended.
NVD Severity
medium

References

Type URI
exploit https://sourceware.org/bugzilla/attachment.cgi?id=16010
issue-tracking https://sourceware.org/bugzilla/show_bug.cgi?id=32858
patch https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
signature https://vuldb.com/?ctiid.310346
vdb-entry https://vuldb.com/?id.310346
third-party-advisory https://vuldb.com/?submit.584634
broken-link https://www.gnu.org/

Match rules

CPE URI Source package Min version Max version
binutils == 2.0 == 2.0
binutils == 2.1 == 2.1
binutils == 2.2 == 2.2
binutils == 2.3 == 2.3
binutils == 2.4 == 2.4
binutils == 2.5 == 2.5
binutils == 2.6 == 2.6
binutils == 2.7 == 2.7
binutils == 2.8 == 2.8
binutils == 2.9 == 2.9
binutils == 2.10 == 2.10
binutils == 2.11 == 2.11
binutils == 2.12 == 2.12
binutils == 2.13 == 2.13
binutils == 2.14 == 2.14
binutils == 2.15 == 2.15
binutils == 2.16 == 2.16
binutils == 2.17 == 2.17
binutils == 2.18 == 2.18
binutils == 2.19 == 2.19
binutils == 2.20 == 2.20
binutils == 2.21 == 2.21
binutils == 2.22 == 2.22
binutils == 2.23 == 2.23
binutils == 2.24 == 2.24
binutils == 2.25 == 2.25
binutils == 2.26 == 2.26
binutils == 2.27 == 2.27
binutils == 2.28 == 2.28
binutils == 2.29 == 2.29
binutils == 2.30 == 2.30
binutils == 2.31 == 2.31
binutils == 2.32 == 2.32
binutils == 2.33 == 2.33
binutils == 2.34 == 2.34
binutils == 2.35 == 2.35
binutils == 2.36 == 2.36
binutils == 2.37 == 2.37
binutils == 2.38 == 2.38
binutils == 2.39 == 2.39
binutils == 2.40 == 2.40
binutils == 2.41 == 2.41
binutils == 2.42 == 2.42
binutils == 2.43 == 2.43
binutils == 2.44 == 2.44

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
binutils edge-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable