PT-2026-23741 · Gnu+1 · Gnu Binutils+1

Published: 2025-12-07 · Updated: 2026-05-06 · CVE-2025-69652

CVSS v3.1: 6.2 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

GNU Binutils versions through 2.46

Description

The software contains a flaw that can cause it to abort (SIGABRT) when it processes a specially crafted ELF binary file with malformed DWARF abbrev or debug information. The cause is incomplete cleanup within the process_debug_info() function, which can lead to an invalid state being used by the routines that parse DWARF attributes. Specifically, when a malformed attribute results in a zero data length, the byte_get_little_endian() function triggers the fatal abort. The issue is limited to a denial-of-service condition, with no observed memory corruption or code execution.

Recommendations

Update to a version of GNU Binutils later than 2.46.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

AZL-79565
AZL-79589
BDU:2026-04682
CVE-2025-69652
ECHO-A5D8-A272-4241
RHSA-2026:7098

Affected Products

Gnu Binutils
Red Os