CVE-2025-69647

ADVISORY - nist

Summary

readelf in GNU Binutils through 2.45.1 contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.

EPSS Score: 0.00016 (0.036)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Loop with Unreachable Exit Condition ('Infinite Loop')


NIST

CREATED

UPDATED

EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.2 medium

Alpine

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-

CVSS SCORE

N/A low

Ubuntu

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-

CVSS SCORE

N/A medium

minimos

CREATED

UPDATED

ADVISORY ID

MINI-xv7p-mhp8-6r2j

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
-
RATING UNAVAILABLE FROM ADVISORY