Sign In

CVE-2025-69652

ADVISORY - nist

Summary

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.

EPSS Score: 0.00022 (0.058)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-460

Improper Cleanup on Thrown Exception

ADVISORY - redhat

CWE-617

Reachable Assertion

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2025-69652
EXPLOITABILITY SCORE

2.5

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-460

CVSS SCORE

6.2medium

Alpine

CREATED

UPDATED

ADVISORY IDCVE-2025-69652
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

UPDATED

ADVISORY IDCVE-2025-69652
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2025-69652
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2025-69652
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-617

CVSS SCORE

3.3low