CVE-2025-1147

ADVISORY - nist

Summary

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

EPSS Score⁠: 0.0039 (0.595)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-120⁠

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADVISORY - redhat

(CWE-119|CWE-120)⁠

Impacted images

Advisories

NIST

CREATED

11 months ago

UPDATED

10 months ago

ADVISORY IDCVE-2025-1147⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠CWE-120⁠

CVSS SCORE

2.3low

Debian

CREATED

11 months ago

UPDATED

10 days ago

ADVISORY IDCVE-2025-1147⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

11 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-1147⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium

Red Hat

CREATED

11 months ago

UPDATED

3 days ago

ADVISORY IDCVE-2025-1147⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

(CWE-119|CWE-120)⁠

CVSS SCORE

3.1low

Photon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2025-1147

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.3medium