VDB
DEBIAN-CVE-2025-69648
DEBIAN-CVE-2025-69648
PUBLISHED
CVSS 6.199999809265137 MEDIUM
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.
Risk Scores
CVSS 3.1
6.199999809265137
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | binutils | 2.44.50.20250218-1, 2.46-2, 2.46.50.20260216-1 |
| Debian:12 | binutils | 0, 2.40-2, 2.40.50.20230111-1 |
| Debian:11 | binutils | 2.35.50.20201209-1, 2.43.1-3, 2.43.1-4 |
| Debian:14 | binutils | 2.46.50.20260216-1, 2.46-3, 2.46-2 |
Timeline
- Mar 9, 2026 CVE Published
- Apr 28, 2026 CVE Updated