Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2025-5245

Published: May 28, 2025Last modified: August 1, 2025

Description

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Severity score breakdown

ParameterValue
Base score5.3
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityLOW
Integrity impactLOW
Availability impactLOW
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Notes

The fix didn't land in 2.44, it's in 2.45.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSbinutilsFixed (2.40-r5)
StreambinutilsFixed (2.45-r0)
Hardened Containers23 LTSbinutilsFixed (2.40-r5)
StreambinutilsFixed (2.45-r0)

References

ON THIS PAGE