CVE-2025-69645

Name
CVE-2025-69645
Description
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://sourceware.org/bugzilla/show_bug.cgi?id=33637
cve@mitre.org https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cdb728d4da6184631989b192f1022c219dea7677

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:binutils:2.44:*:*:*:*:*:*:* binutils == None == 2.44

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
binutils edge-main 2.44-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable