CVE-2025-0840

Published Jan 29, 2025

Last updated a year ago

CVSS medium 6.3

Overview

Description
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.
Source
cna@vuldb.com
NVD status
Analyzed
Products
binutils

Risk scores

CVSS 4.0

Type
Secondary
Base score
6.3
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
5.9
Exploitability score
1.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Secondary
Base score
5.1
Impact score
6.4
Exploitability score
4.9
Vector string
AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

cna@vuldb.com
CWE-119
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

  1. 🔴 GNU Binutils CVEs Impact Multiple Ubuntu Releases, Allow DoS and RCE Ten CVEs in GNU Binutils affect Ubuntu toolchains—CVE-2025-0840 through CVE-2025-8225. What's brutal: these are core development tools, so exploitation means compromising the build pipeline itself. Iss

    @the_c_protocol

    2 Dec 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Just published a deep dive into the latest #openSUSE security advisory. CVE-2025-0840 in Binutils is a reminder that the integrity of our development toolchains is paramount. Read more: 👉 https://t.co/YtcQtTKETf #Security https://t.co/p2Yq8m3OUW

    @Cezar_H_Linux

    12 Nov 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-0840 A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. … https://t.co/DPFSmDBaak

    @CVEnew

    29 Jan 2025

    300 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.CVE-2025-69648
  2. GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.CVE-2025-69647
  3. GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.CVE-2025-69652
  4. GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service.CVE-2025-69650
  5. GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.CVE-2025-69649

References

Sources include official advisories and independent security research.