6.2

CVE-2025-69647

Exploit

EPSS 0.02%
Veröffentlicht 09.03.2026 00:00:00
Zuletzt bearbeitet 13.03.2026 16:44:02
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnu ≫ Binutils Version <= 2.45.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.035

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7

Patch

https://sourceware.org/bugzilla/show_bug.cgi?id=33640

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-69647

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-69647

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-69647

EUVD