CVE-2026-6845

Summary

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Hardened Images2.45.1-5.2.hum1 < *unaffected

Weaknesses

  • CWE-476: NULL Pointer Dereference

Workarounds

To mitigate this issue, users should avoid processing untrusted or suspicious ELF files with the readelf utility. No specific configuration or operational control is available to prevent this vulnerability without affecting the intended functionality of readelf.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References