CVE-2025-11494 – GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds

CVE ID : CVE-2025-11494

Published : Oct. 8, 2025, 8:15 p.m. | 22 minutes ago

Description : A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…