Skip to main content

binutils readelf CVE-2026-6844

| EUVD-2026-24710 MEDIUM
Uncontrolled Resource Consumption (CWE-400)
2026-04-22 redhat GHSA-p33j-xffm-gxj7
Denial Of Service Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Red Hat Hardened Images Red Hat Openshift Container Platform 4
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Patch released
Apr 29, 2026 - 02:30 nvd
Patch available
Analysis Generated
Apr 22, 2026 - 10:03 vuln.today
EUVD ID Assigned
Apr 22, 2026 - 09:00 euvd
EUVD-2026-24710
Analysis Generated
Apr 22, 2026 - 09:00 vuln.today
CVE Published
Apr 22, 2026 - 08:37 nvd
MEDIUM 5.5

DescriptionCVE.org

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the readelf utility becoming unresponsive or crashing, leading to a denial of service.

AnalysisAI

The readelf utility in binutils is vulnerable to denial of service through two distinct flaws triggered by maliciously crafted ELF files: a resource exhaustion vulnerability (CWE-400) causing out-of-memory conditions and a null pointer dereference (CWE-476) causing segmentation faults. Both vulnerabilities require local access and user interaction to open a malicious file, resulting in the readelf utility crashing or becoming unresponsive. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious ELF file
Delivery
Deliver to target system
Exploit
User executes readelf on file
Execution
Parser exhausts resources or dereferences null pointer
Impact
readelf crashes or system memory exhausted
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires the following specific conditions: (1) local system access to invoke the readelf utility, (2) ability to provide a specially crafted ELF file as input to readelf (either by placing it in a location readelf accesses or by directly supplying it as an argument), and (3) user interaction - a user or automated process must execute readelf against the malicious file. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 5.5 score reflects low to medium severity: local attack vector (AV:L), low complexity (AC:L), no privilege requirement (PR:N), but user interaction required (UI:R) to open the malicious file, with impact limited to availability (A:H). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A security researcher conducting malware analysis downloads a suspicious binary from the internet and runs readelf locally to inspect its ELF headers and sections. The binary is actually a malicious file crafted with malformed ELF structures. …
Remediation Apply the security patch released by Red Hat for your respective RHEL version via standard package management tools (yum/dnf update binutils). … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-11788 HIGH
7.5 Jun 09

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 throu
CVE-2026-48914 MEDIUM
6.7 Jun 12

Out-of-bounds heap write in QEMU's virtio-blk device allows a high-privileged guest to crash the host QEMU process. The

CVE-2026-11789 MEDIUM
6.5 Jun 09

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP servic
CVE-2026-11786 MEDIUM
6.5 Jun 09

Out-of-bounds read in 389 Directory Server's LDIF parser exposes limited heap memory to a highly privileged local attack
CVE-2026-11611 MEDIUM
6.5 Jun 08

Denial of service in Red Hat 389 Directory Server's Content Synchronization persistent search plugin enables authenticat

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Development Tools 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed

Share

CVE-2026-6844 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy