Name: binutils
CVEs: CVE-2025-5244, CVE-2025-5245, CVE-2025-8225
CVSSs: 4.8, 4.8, 4.8
Action Needed: update to >= 2.45
Summary:
- CVE-2025-5244: A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.
- CVE-2025-5245: A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
- CVE-2025-8225: A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.
refmap.gentoo: TBD
Name: binutils
CVEs: CVE-2025-5244, CVE-2025-5245, CVE-2025-8225
CVSSs: 4.8, 4.8, 4.8
Action Needed: update to >= 2.45
Summary:
refmap.gentoo: TBD