CVE-2025-11414

ADVISORY - nist

Summary

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

EPSS Score⁠: 0.00027 (0.068)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-125⁠

Out-of-bounds Read

ADVISORY - redhat

(CWE-119|CWE-125)⁠

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.