CVE-2025-7546
GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write
| CVSS Score | 5.3 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.
| CWE | CWE-787 CWE-119 |
| Vendor | gnu |
| Product | binutils |
| Published | Jul 13, 2025 |
| Last Updated | May 12, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity | Low |
| Availability | Low |
Affected Versions
| GNU / Binutils | 2.45 |
References
vuldb.com: https://vuldb.com/?id.316244
vuldb.com: https://vuldb.com/?ctiid.316244
vuldb.com: https://vuldb.com/?submit.614375
sourceware.org: https://sourceware.org/bugzilla/show_bug.cgi?id=33050
sourceware.org: https://sourceware.org/bugzilla/show_bug.cgi?id=33050#c2
sourceware.org: https://sourceware.org/bugzilla/attachment.cgi?id=16118
sourceware.org: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b
gnu.org: https://www.gnu.org/
cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-265688.html
cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Credits
arthurx (VulDB User)