CVE-2025-1153 — LOW (3.1) — White Hats Nepal

Vulnerability Description

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Gnu	Binutils	2.43

Related Weaknesses (CWE)

CWE-119

References

https://sourceware.org/bugzilla/show_bug.cgi?id=32603ExploitIssue TrackingThird Party Advisory
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccPatch
https://vuldb.com/?ctiid.295057Permissions RequiredVDB Entry
https://vuldb.com/?id.295057Permissions RequiredVDB Entry
https://vuldb.com/?submit.489991ExploitThird Party AdvisoryVDB Entry
https://www.gnu.org/Product
https://security.netapp.com/advisory/ntap-20250404-0005/

FAQ

What is CVE-2025-1153?

CVE-2025-1153 is a vulnerability with a CVSS score of 3.1 (LOW). A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corr...

How severe is CVE-2025-1153?

CVE-2025-1153 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-1153?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Binutils.