PT-2025-6054 · Gnu+5 · Gnu Binutils+5

Wenjusun · Published 2025-02-05 · Updated 2026-04-20 · CVE-2025-1182

CVSS v2.0: 5.1 (Medium)

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GNU Binutils version 2.43

Description

A critical vulnerability was found in GNU Binutils, affecting the function bfd_elf_reloc_symbol_deleted_p in the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high, and exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.

Recommendations

To fix this issue, it is recommended to apply a patch, specifically the one identified as b425859021d17adf62f06fb904797cf8642986ad. As a temporary workaround, consider disabling the bfd_elf_reloc_symbol_deleted_p function until a patch is available. Restrict access to the bfd/elflink.c file to minimize the risk of exploitation. Avoid using the ld component until the issue is resolved.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-56618
AZL-56678
AZL-56688
BDU:2025-11825
CVE-2025-1182
ECHO-63C7-2879-434E
MGASA-2025-0262
OPENSUSE-SU-2025:15651-1
OPENSUSE-SU-2025:20150-1
SUSE-SU-2025:21195-1
SUSE-SU-2025:21197-1
SUSE-SU-2025:4096-1
USN-7423-1
USN-7847-1
USN-7899-1

Affected Products

Astra Linux
Debian
Gnu Binutils
Linuxmint
Suse
Ubuntu