PT-2025-6071 · Gnu+2 · Gnu Binutils+2

孙文举

Published

2025-02-10

Updated

2025-12-12

CVE-2025-1151

CVSS v3.1

3.1

Low

Vector

AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.43

Description A memory leak issue affects the xmemdup function of the ld component in the xmemdup.c file. This issue can be exploited remotely, but the complexity of an attack is rather high, and the exploitation is known to be difficult. The code maintainer has fixed all reported leaks in the binutils master branch.

Recommendations For GNU Binutils version 2.43, it is recommended to apply a patch to fix this issue. As a temporary workaround, consider restricting the use of the xmemdup function until a patch is available.

Exploit

Fix

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

AZL-56561

AZL-56570

AZL-56585

AZL-56606

AZL-56648

AZL-56661

AZL-56673

AZL-56675

CVE-2025-1151

ECHO-FD45-114D-683B

OPENSUSE-SU-2025:15651-1

OPENSUSE-SU-2025:20150-1

SUSE-SU-2025:21195-1

SUSE-SU-2025:21197-1

SUSE-SU-2025:4096-1

Affected Products

Debian

Gnu Binutils

Suse

PT-2025-6071 · Gnu+2 · Gnu Binutils+2

CVE-2025-1151

Weakness Enumeration

Related Identifiers

Affected Products

References · 90