CVE-2025-5244

Summary

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.

Affected Software

VendorProductVersion RangeStatus
GNUBinutils2.0affected
GNUBinutils2.1affected
GNUBinutils2.2affected
GNUBinutils2.3affected
GNUBinutils2.4affected
GNUBinutils2.5affected
GNUBinutils2.6affected
GNUBinutils2.7affected
GNUBinutils2.8affected
GNUBinutils2.9affected
GNUBinutils2.10affected
GNUBinutils2.11affected
GNUBinutils2.12affected
GNUBinutils2.13affected
GNUBinutils2.14affected
GNUBinutils2.15affected
GNUBinutils2.16affected
GNUBinutils2.17affected
GNUBinutils2.18affected
GNUBinutils2.19affected
GNUBinutils2.20affected
GNUBinutils2.21affected
GNUBinutils2.22affected
GNUBinutils2.23affected
GNUBinutils2.24affected
GNUBinutils2.25affected
GNUBinutils2.26affected
GNUBinutils2.27affected
GNUBinutils2.28affected
GNUBinutils2.29affected
GNUBinutils2.30affected
GNUBinutils2.31affected
GNUBinutils2.32affected
GNUBinutils2.33affected
GNUBinutils2.34affected
GNUBinutils2.35affected
GNUBinutils2.36affected
GNUBinutils2.37affected
GNUBinutils2.38affected
GNUBinutils2.39affected
GNUBinutils2.40affected
GNUBinutils2.41affected
GNUBinutils2.42affected
GNUBinutils2.43affected
GNUBinutils2.44affected

Weaknesses

  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References