CVE-2025-3198

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNU Binutils versions 2.43 through 2.44

Description A memory leak issue has been identified, affecting the display info function of the binutils/bucomm.c file in the objdump component. This issue can be exploited locally, leading to a memory leak. The exploit has been publicly disclosed.

Recommendations For GNU Binutils versions 2.43 through 2.44, apply the patch named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d to fix this issue. As a temporary workaround, consider restricting access to the display info function of the objdump component until the patch is applied.

Exploit

Fix

Memory Leak

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-404

Related Identifiers

ALT-PU-2025-11378

BDU:2025-10923

CVE-2025-3198

ECHO-9F76-C987-DEF2

OESA-2025-1578

OPENSUSE-SU-2025:15651-1

OPENSUSE-SU-2025:20150-1

SUSE-SU-2025:21195-1

SUSE-SU-2025:21197-1

SUSE-SU-2025:4096-1

USN-7847-1

USN-7899-1

Affected Products

Alt Linux

Astra Linux

Debian

Gnu Binutils

Linuxmint

Suse

Ubuntu

CVE-2025-3198

Weakness Enumeration

Related Identifiers

Affected Products

References · 119