VDB
DEBIAN-CVE-2025-11495
DEBIAN-CVE-2025-11495
PUBLISHED
CVSS 5.5 MEDIUM
A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | binutils | 2.44.50.20250520-1, 2.45-3, 2.44.50.20250405-1 |
| Debian:12 | binutils | 2.41.50.20230905-1, 2.42.50.20240614-1, 2.42.50.20240618-1 |
| Debian:13 | binutils | 2.44.50.20250528-1, 2.45.50.20251209-1, 2.44.50.20250502-1 |
| Debian:11 | binutils | 2.44.50.20250502-1, 2.44.50.20250520-1, 2.44.50.20250528-1 |
Timeline
- Oct 8, 2025 CVE Published
- Apr 28, 2026 CVE Updated