ALT-BU-2025-13048-1
Branch p10 update bulletin.
Closed vulnerabilities
BDU:2025-10924
Уязвимость функции elf_gc_sweep() компонента ld программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2025-10925
Уязвимость функции debug_type_samep() компонента objdump программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-10-03
CVE-2025-5244
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.
- https://sourceware.org/bugzilla/attachment.cgi?id=16010
- https://sourceware.org/bugzilla/show_bug.cgi?id=32858
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
- https://vuldb.com/?ctiid.310346
- https://vuldb.com/?id.310346
- https://vuldb.com/?submit.584634
- https://www.gnu.org/
Modified: 2025-10-03
CVE-2025-5245
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
- https://sourceware.org/bugzilla/attachment.cgi?id=16004
- https://sourceware.org/bugzilla/show_bug.cgi?id=32829
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a
- https://vuldb.com/?ctiid.310347
- https://vuldb.com/?id.310347
- https://vuldb.com/?submit.584635
- https://www.gnu.org/