Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.
Analysis (AI)
An out-of-bounds read in the linker component of GNU Binutils 2.45 affects the bfd_elf_gc_record_vtentry function in bfd/elflink.c, allowing authenticated local attackers to trigger memory access violations. The CVSS score of 1.9 reflects low real-world impact (no confidentiality, integrity, or system-level damage) despite the out-of-bounds read classification, suggesting this is primarily a denial-of-service vector or a development/debugging concern rather than a critical exploitation pathway. Publicly available exploit code exists, but the EPSS exploitation probability remains very low at 0.03 percentile, indicating minimal real-world adoption despite public disclosure.
Technical Context (AI)
GNU Binutils is the collection of binary tools including the linker (ld), assembler (as), and utilities for manipulating object files and executables. The vulnerability resides in the linker's ELF (Executable and Linkable Format) garbage collection mechanism, specifically in the bfd_elf_gc_record_vtentry function within bfd/elflink.c. This function manages virtual table entries during link-time garbage collection of unused sections. The out-of-bounds read (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer) occurs when processing specially crafted ELF object files with malformed virtual table records, allowing the function to read memory beyond allocated buffer boundaries. This typically occurs during the linker's analysis phase when determining which sections can be safely discarded.
Remediation (AI)
Apply the upstream patch commit 047435dd988a3975d40c6626a8f739a0b2e154bc from the GNU Binutils Git repository (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=047435dd988a3975d40c6626a8f739a0b2e154bc), which addresses the out-of-bounds read in bfd_elf_gc_record_vtentry. Users should upgrade to a patched version once released by their distribution (contact your Linux vendor for backported patches to version 2.45, or upgrade to Binutils 2.46 or later if available for your platform). For systems requiring immediate stability in multi-tenant environments, restrict linker invocation (the ld command and related tools) to trusted users via file system permissions or AppArmor/SELinux policies, though this may impact development workflows. Recompiling binutils from the patched source is the most reliable interim mitigation for security-critical systems; however, this adds maintenance overhead and should be balanced against the low exploitation probability (0.03 percentile EPSS).