CVE-2025-5244

Sažetak

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.

Reference

https://sourceware.org/bugzilla/attachment.cgi?id=16010
https://sourceware.org/bugzilla/show_bug.cgi?id=32858
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
https://vuldb.com/?ctiid.310346
https://vuldb.com/?id.310346
https://vuldb.com/?submit.584634
https://www.gnu.org/

CVSS

Base:	4.3
Impact:	6.4
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

28-05-2025 - 15:01

Objavljeno

27-05-2025 - 13:15