PT-2025-6053 · Gnu+5 · Gnu Binutils+5

Wenjusun · Published 2025-02-05 · Updated 2025-12-12 · CVE-2025-1181

CVSS v2.0: 5.1 Medium

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GNU Binutils version 2.43

Description

A critical vulnerability was found in GNU Binutils, affecting the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high, and the exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Recommendations

To fix this issue, it is recommended to apply a patch with the name 931494c9a89558acb36a03a340c01726545eef24. As a temporary workaround, consider disabling the _bfd_elf_gc_mark_rsec function until a patch is available. Restrict access to the vulnerable component ld to minimize the risk of exploitation. Avoid using the affected bfd/elflink.c file until the issue is resolved.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-56558
AZL-56664
BDU:2025-11824
CVE-2025-1181
ECHO-2D82-28F6-B8F6
MGASA-2025-0262
OPENSUSE-SU-2025:15651-1
OPENSUSE-SU-2025:20150-1
SUSE-SU-2025:21195-1
SUSE-SU-2025:21197-1
SUSE-SU-2025:4096-1
USN-7423-1
USN-7899-1

Affected Products

Astra Linux
Debian
Gnu Binutils
Linuxmint
Suse
Ubuntu