VDB
DEBIAN-CVE-2025-69645
DEBIAN-CVE-2025-69645
PUBLISHED
CVSS 5.5 MEDIUM
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | binutils | 2.40.50.20230611-1, 2.36.1-5, 2.36.50.20210601-1 |
| Debian:12 | binutils | 2.41-7, 2.44.50.20250405-1, 2.44.50.20250502-1 |
| Debian:14 | binutils | 2.44.50.20250201-1, 0, 2.44-3 |
| Debian:13 | binutils | 0, 2.44.50.20250207-1, 2.44.50.20250218-1 |
Timeline
- Mar 6, 2026 CVE Published
- Apr 28, 2026 CVE Updated