PT-2025-6161 · Gnu+5 · Gnu Binutils+5

Wenjusun · Published 2025-02-05 · Updated 2026-04-20 · CVE-2025-1176

CVSS v2.0: 5.1 (Medium)

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

GNU Binutils version 2.43

Description

A critical issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult.

Recommendations

Apply a patch to fix this issue, specifically the patch named f9978defb6fab0bd8583942d97c112b0932ac814. As a temporary workaround, consider restricting access to the vulnerable function _bfd_elf_gc_mark_rsec until a patch is applied.

Exploit

Fix

Buffer Overflow

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

AZL-56579
AZL-56652
AZL-56655
BDU:2025-11823
CVE-2025-1176
ECHO-ADCD-7287-F168
MGASA-2025-0262
OPENSUSE-SU-2025:15651-1
OPENSUSE-SU-2025:20150-1
SUSE-SU-2025:21195-1
SUSE-SU-2025:21197-1
SUSE-SU-2025:4096-1
USN-7423-1
USN-7423-2

Affected Products

Astra Linux
Debian
GNU Binutils
Linux Mint
SUSE
Ubuntu