CVE-2025-69645

ADVISORY - nist

Summary

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

ADVISORY - redhat

CWE-1285⁠

Improper Validation of Specified Index, Position, or Offset in Input

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.