CVE-2025-3198
GNU Binutils objdump bucomm.c display_info memory leak
CVSS Score
3.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.
| CWE | CWE-401 CWE-404 |
| Vendor | gnu |
| Product | binutils |
| Published | Apr 4, 2025 |
| Last Updated | May 12, 2026 |
Stay Ahead of the Next One
Get instant alerts for gnu binutils
Be the first to know when new low vulnerabilities affecting gnu binutils are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
GNU / Binutils
2.43 2.44
References
vuldb.com: https://vuldb.com/?id.303151 vuldb.com: https://vuldb.com/?ctiid.303151 vuldb.com: https://vuldb.com/?submit.545773 sourceware.org: https://sourceware.org/bugzilla/show_bug.cgi?id=32716 sourceware.org: https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0 sourceware.org: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d gnu.org: https://www.gnu.org/ cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-265688.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Credits
๐ Haoxin Tu (VulDB User)