A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/user-attachments/files/20623354/hdf5_crash_3.txt | Broken Link | 
| https://sourceware.org/bugzilla/show_bug.cgi?id=33406 | Exploit Issue Tracking | 
| https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2 | Exploit Issue Tracking | 
| https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b | Patch | 
| https://vuldb.com/?ctiid.326122 | Permissions Required VDB Entry | 
| https://vuldb.com/?id.326122 | Third Party Advisory VDB Entry | 
| https://vuldb.com/?submit.661275 | Third Party Advisory VDB Entry | 
| https://www.gnu.org/ | Product | 
Configurations
                    History
                    03 Oct 2025, 16:51
| Type | Values Removed | Values Added | 
|---|---|---|
| CPE | cpe:2.3:a:gnu:binutils:2.45:*:*:*:*:*:*:* | |
| First Time | Gnu Gnu binutils | |
| References | () https://github.com/user-attachments/files/20623354/hdf5_crash_3.txt - Broken Link | |
| References | () https://sourceware.org/bugzilla/show_bug.cgi?id=33406 - Exploit, Issue Tracking | |
| References | () https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2 - Exploit, Issue Tracking | |
| References | () https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b - Patch | |
| References | () https://vuldb.com/?ctiid.326122 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.326122 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.661275 - Third Party Advisory, VDB Entry | |
| References | () https://www.gnu.org/ - Product | 
27 Sep 2025, 22:15
| Type | Values Removed | Values Added | 
|---|---|---|
| New CVE | 
Information
                Published : 2025-09-27 22:15
Updated : 2025-10-03 16:51
NVD link : CVE-2025-11081
Mitre link : CVE-2025-11081
CVE.ORG link : CVE-2025-11081
JSON object : View
Products Affected
                gnu
- binutils
