CVE-2025-11082

ADVISORY - nist

Summary

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

EPSS Score⁠: 0.00023 (0.056)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-122⁠

Heap-based Buffer Overflow

ADVISORY - redhat

(CWE-119|CWE-122)⁠

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.