First published: Tue Feb 11 2025(Updated: )
A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ubuntu/binutils | =2.43 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-1179 has been rated as critical due to its potential for memory corruption.
CVE-2025-1179 affects GNU Binutils version 2.43 to 2.44.
CVE-2025-1179 allows for remote attacks due to memory corruption in the bfd_putl64 function.
The complexity of an attack exploiting CVE-2025-1179 is considered to be rather high.
To mitigate risks from CVE-2025-1179, it is recommended to update GNU Binutils to a version beyond 2.44.