CVE-2025-5245
GNU Binutils objdump debug.c debug_type_samep memory corruption
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
| CWE | CWE-119 |
| Vendor | gnu |
| Product | binutils |
| Published | May 27, 2025 |
| Last Updated | May 12, 2026 |
Stay Ahead of the Next One
Get instant alerts for gnu binutils
Be the first to know when new medium vulnerabilities affecting gnu binutils are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
GNU / Binutils
2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11 2.12 2.13 2.14 2.15 2.16 2.17 2.18 2.19 2.20 2.21 2.22 2.23 2.24 2.25 2.26 2.27 2.28 2.29 2.30 2.31 2.32 2.33 2.34 2.35 2.36 2.37 2.38 2.39 2.40 2.41 2.42 2.43 2.44
References
vuldb.com: https://vuldb.com/?id.310347 vuldb.com: https://vuldb.com/?ctiid.310347 vuldb.com: https://vuldb.com/?submit.584635 sourceware.org: https://sourceware.org/bugzilla/show_bug.cgi?id=32829 sourceware.org: https://sourceware.org/bugzilla/attachment.cgi?id=16004 sourceware.org: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a gnu.org: https://www.gnu.org/ cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-265688.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Credits
๐ lcyf-fizz (VulDB User)