CVE-2025-69647

Name of the Vulnerable Software and Affected Versions GNU Binutils versions through 2.45.1

Description GNU Binutils’ readelf utility is susceptible to a denial-of-service condition when processing a specially crafted binary file containing improperly formatted DWARF loclists data. A flaw in the DWARF parsing code can lead to an infinite loop, repeatedly printing the same table output without progressing. This results in excessive CPU and I/O usage, effectively halting the completion of readelf’s analysis unless manually stopped. A local attacker can exploit this by providing a malicious input file.

Recommendations Versions prior to 2.45.1 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.