CVE-2025-69645 - Vulnerability Details

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://sourceware.org/bugzilla/show_bug.cgi?id=33637
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cdb728d4da6184631989b192f1022c219dea7677

History

Fri, 06 Mar 2026 17:30:00 +0000

Type	Values Removed	Values Added
Description		Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
References		https://sourceware.org/bugzilla/show_bug.cgi?id=33637 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cdb728d4da6184631989b192f1022c219dea7677

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-03-06T00:00:00.000Z

Updated: 2026-03-06T17:14:29.543Z

Reserved: 2026-01-09T00:00:00.000Z

Link: CVE-2025-69645

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-06T18:16:16.367

Modified: 2026-03-06T18:16:16.367

Link: CVE-2025-69645

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object