CVE-2025-69650

Name
CVE-2025-69650
Description
GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service. NOTE: this is disputed by third parties because the observed behavior occurred only in pre-release code and did not affect any tagged version.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://sourceware.org/bugzilla/show_bug.cgi?id=33698
cve@mitre.org https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4bc025abdba85a90e26e13f551c16a44bfa921
cve@mitre.org https://sourceware.org/bugzilla/show_bug.cgi?id=33700
cve@mitre.org https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=81e90cf63a10ad11772c2437c8f2a88f1a00c739
cve@mitre.org https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=ea4bc025abdba85a90e26e13f551c16a44bfa92

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:* binutils >= None <= 2.46

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
binutils edge-main 2.45.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.45.1-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.45-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.43.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.40-r12 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r11 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r10 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r8 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r7 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r6 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.40-r0 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.39-r3 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.39-r2 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.39-r1 Ariadne Conill <ariadne@dereferenced.org> possibly vulnerable
binutils edge-main 2.39-r0 None possibly vulnerable
binutils edge-main 2.35.2-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.35.2-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.32-r0 None possibly vulnerable
binutils edge-main 2.28-r1 None possibly vulnerable
binutils 3.23-main 2.45.1-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.40-r10 None possibly vulnerable
binutils 3.22-main 2.40-r0 None possibly vulnerable
binutils 3.22-main 2.39-r2 None possibly vulnerable
binutils 3.22-main 2.39-r0 None possibly vulnerable
binutils 3.22-main 2.35.2-r1 None possibly vulnerable
binutils 3.22-main 2.32-r0 None possibly vulnerable
binutils 3.22-main 2.28-r1 None possibly vulnerable
binutils 3.21-main 2.43.1-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.21-main 2.43.1-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.21-main 2.43.1-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.21-main 2.40-r10 None possibly vulnerable
binutils 3.21-main 2.40-r0 None possibly vulnerable
binutils 3.21-main 2.39-r2 None possibly vulnerable
binutils 3.21-main 2.39-r0 None possibly vulnerable
binutils 3.21-main 2.35.2-r1 None possibly vulnerable
binutils 3.21-main 2.32-r0 None possibly vulnerable
binutils 3.21-main 2.28-r1 None possibly vulnerable
binutils 3.20-main 2.42-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.20-main 2.42-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.20-main 2.40-r10 None possibly vulnerable
binutils 3.20-main 2.40-r0 None possibly vulnerable
binutils 3.20-main 2.39-r2 None possibly vulnerable
binutils 3.20-main 2.39-r0 None possibly vulnerable
binutils 3.20-main 2.35.2-r1 None possibly vulnerable
binutils 3.20-main 2.32-r0 None possibly vulnerable
binutils 3.20-main 2.28-r1 None possibly vulnerable
binutils 3.19-main 2.41-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.19-main 2.41-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.19-main 2.40-r10 None possibly vulnerable
binutils 3.19-main 2.40-r0 None possibly vulnerable
binutils 3.19-main 2.39-r2 None possibly vulnerable
binutils 3.19-main 2.39-r0 None possibly vulnerable
binutils 3.19-main 2.35.2-r1 None possibly vulnerable
binutils 3.19-main 2.32-r0 None possibly vulnerable
binutils 3.19-main 2.28-r1 None possibly vulnerable