PT-2025-6050 · Gnu+5 · Gnu Binutils+5

Wenjusun

+1

·

Publicado

2025-02-05

·

Atualizado

2026-04-20

·

CVE-2025-1178

CVSS v4.0

6.3

Média

VetorAV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.43
Description A vulnerability was found in GNU Binutils, affecting the function bfd putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely, but the complexity of an attack is rather high and the exploitation appears to be difficult.
Recommendations To fix this issue, it is recommended to apply a patch, specifically the one with the identifier 75086e9de1707281172cc77f178e7949a4414ed0. As a temporary workaround, consider disabling the bfd putl64 function until a patch is available. Restrict access to the libbfd.c component to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

AZL-56698
AZL-56738
BDU:2025-11821
CVE-2025-1178
ECHO-29B2-9C4E-7DF9
MGASA-2025-0262
OPENSUSE-SU-2025:15651-1
OPENSUSE-SU-2025:20150-1
SUSE-SU-2025:21195-1
SUSE-SU-2025:21197-1
SUSE-SU-2025:4096-1
USN-7423-1

Produtos afetados

Astra Linux
Debian
Gnu Binutils
Linuxmint
Suse
Ubuntu