CVE-2025-8225

Name
CVE-2025-8225
Description
A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
patch https://gitlab.com/gnutools/binutils-gdb/-/commit/e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4
signature https://vuldb.com/?ctiid.317813
vdb-entry https://vuldb.com/?id.317813
third-party-advisory https://vuldb.com/?submit.621883
product https://www.gnu.org/

Match rules

CPE URI Source package Min version Max version
binutils == 2.44 == 2.44

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
binutils edge-main 2.44-r4 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils edge-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r3 Natanael Copa <ncopa@alpinelinux.org> fixed
binutils 3.22-main 2.44-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
binutils 3.22-main 2.44-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable