SB2025021209 - Multiple vulnerabilities in GNU Binutils




Published: February 12, 2025 Updated: April 8, 2025

Security Bulletin ID: SB2025021209
Severity: High
Patch available: YES
Number of vulnerabilities: 14
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High: 64%, Low: 36%

Description

This security bulletin contains information about 14 security vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2025-0840)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the disassemble_bytes() function in binutils/objdump.c within the nm binary. A remote attacker can pass specially crafted input to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


2) Buffer overflow (CVE-ID: CVE-2024-57360)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling files within the nm binary. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.



3) Heap-based buffer overflow (CVE-ID: CVE-2025-1176)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the _bfd_elf_gc_mark_rsec() function in bfd/elflink.c within the ld binary. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.


4) Buffer overflow (CVE-ID: CVE-2025-1182)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the bfd_elf_reloc_symbol_deleted_p() function in bfd/elflink.c within the ld binary. A remote attacker can pass specially crafted input to the binary, trigger memory corruption and execute arbitrary code on the target system.


5) Buffer overflow (CVE-ID: CVE-2025-1181)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the _bfd_elf_gc_mark_rsec() function in bfd/elflink.c within the ld binary. A remote attacker can pass specially crafted input to the binary, trigger memory corruption and execute arbitrary code on the target system.


6) Buffer overflow (CVE-ID: CVE-2025-1178)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the bfd_putl64() function in libbfd.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


7) Buffer overflow (CVE-ID: CVE-2025-1147)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the __sanitizer::internal_strlen() function in binutils/nm.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


8) Buffer overflow (CVE-ID: CVE-2025-1179)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the bfd_putl64() function in bfd/libbfd.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


9) Buffer overflow (CVE-ID: CVE-2025-1180)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the _bfd_elf_write_section_eh_frame() function in bfd/elf-eh-frame.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


10) Memory leak (CVE-ID: CVE-2025-1152)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the xstrdup() function in xstrdup.c. A remote attacker can force the application to leak memory and perform a denial of service attack.


11) Memory leak (CVE-ID: CVE-2025-1150)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the bfd_malloc() function in libbfd.c. A remote attacker can force the application to leak memory and perform a denial of service attack.


12) Memory leak (CVE-ID: CVE-2025-1151)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the xmemdup() function in xmemdup.c. A remote attacker can force the application to leak memory and perform a denial of service attack.


13) Memory leak (CVE-ID: CVE-2025-1149)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the xstrdup() function in libiberty/xmalloc.c. A remote attacker can force the application to leak memory and perform a denial of service attack.


14) Memory leak (CVE-ID: CVE-2025-1148)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak within the link_order_scan() function in ld/ldelfgen.c. A remote attacker can force the application to leak memory and perform a denial of service attack.


Remediation

Install the update from the vendor's website.
