CVE-2025-11414 – GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds

CVE ID : CVE-2025-11414

Published : Oct. 7, 2025, 11:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…