CVE-2025-11081 — LOW (3.3) — White Hats Nepal

Vulnerability Description

A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Gnu	Binutils	2.45

Related Weaknesses (CWE)

CWE-119 CWE-125

References

https://github.com/user-attachments/files/20623354/hdf5_crash_3.txtBroken Link
https://sourceware.org/bugzilla/show_bug.cgi?id=33406ExploitIssue Tracking
https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2ExploitIssue Tracking
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fPatch
https://vuldb.com/?ctiid.326122Permissions RequiredVDB Entry
https://vuldb.com/?id.326122Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.661275Third Party AdvisoryVDB Entry
https://www.gnu.org/Product

FAQ

What is CVE-2025-11081?

CVE-2025-11081 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack ...

How severe is CVE-2025-11081?

CVE-2025-11081 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-11081?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Binutils.