CVE-2025-1180: GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption
First published: Tue Feb 11 2025(Updated: )
A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ubuntu/binutils |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1180?
CVE-2025-1180 is classified as a problematic vulnerability due to its potential for remote memory corruption.
How do I fix CVE-2025-1180?
To fix CVE-2025-1180, update GNU Binutils to a patched version that addresses the memory corruption issue.
What software is affected by CVE-2025-1180?
CVE-2025-1180 affects GNU Binutils version 2.43.
Can CVE-2025-1180 be exploited remotely?
Yes, CVE-2025-1180 can be exploited remotely, enabling attackers to manipulate memory.
What component of GNU Binutils is impacted by CVE-2025-1180?
CVE-2025-1180 impacts the function _bfd_elf_write_section_eh_frame in the ld component of GNU Binutils.
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/source
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnu
- canonical/gnu binutils