
binutils readelf CVE-2026-6845

EUVD-2026-24712 · MEDIUM
NULL Pointer Dereference (CWE-476)
2026-04-22 · redhat · GHSA-chmq-57c3-4p7v
CVSS 3.1 (NVD): 5.0

Severity by source

NVD (primary): 5.0 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
SUSE: 3.1 LOW, vector shown as AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Red Hat: 5.0 MEDIUM (qualitative)

Primary rating from NVD. Note that the vector string listed under SUSE is identical to NVD's and evaluates to a 5.0 base score under CVSS 3.1, so SUSE's 3.1 cannot come from the vector printed here; check the SUSE advisory for the vector behind that number before relying on either rating.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Apr 29, 2026 02:30 (nvd): Patch released (patch available)
Apr 22, 2026 10:03 (vuln.today): Analysis generated
Apr 22, 2026 08:30 (euvd): EUVD ID assigned (EUVD-2026-24712)
Apr 22, 2026 08:30 (vuln.today): Analysis generated
Apr 22, 2026 07:54 (nvd): CVE published

Description (CVE.org)

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

Analysis (AI)

The readelf utility in binutils is vulnerable to denial of service through a NULL pointer dereference when processing specially crafted ELF files. A local attacker with limited privileges can trigger excessive resource consumption or a program crash by convincing a user to process a malicious ELF binary, affecting Red Hat Enterprise Linux 6, 7, 8, and 10. Scope is Unchanged in the NVD vector, so the availability impact is scored against readelf itself: a crash of a command-line inspection tool does not by itself take down the host, but any unattended pipeline that runs readelf on submitted files (CI checks, package build scripts, malware triage) will have that step fail on such input. …
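The page does not say which header or table the crafted file corrupts, so the following is a generic pre-flight check rather than a reproduction of the bug. It is an added example, not binutils code: it decodes the ELF32/ELF64 header and verifies the invariants a parser must check before following e_phoff, e_shoff or e_shstrndx (tables inside the file, a section-name string table index that names a real section). The sample headers are constructed inline; the function and field names are this example's own.

```python
import struct

ELF_MAGIC = b"\x7fELF"
ELFCLASS32, ELFCLASS64 = 1, 2
ELFDATA2LSB, ELFDATA2MSB = 1, 2
SHN_UNDEF = 0

# Elf{32,64}_Ehdr fields after the 16-byte e_ident, in file order.
FIELD_NAMES = ("e_type", "e_machine", "e_version", "e_entry", "e_phoff", "e_shoff",
               "e_flags", "e_ehsize", "e_phentsize", "e_phnum",
               "e_shentsize", "e_shnum", "e_shstrndx")
# Per class: struct layout of those fields, header size, expected phdr/shdr entry sizes.
CLASS_LAYOUT = {
    ELFCLASS32: ("HHIIIIIHHHHHH", 52, 32, 40),
    ELFCLASS64: ("HHIQQQIHHHHHH", 64, 56, 64),
}


def parse_elf_header(data):
    """Decode the ELF header of `data`; raise ValueError if it is not a usable ELF header."""
    if len(data) < 16 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file (bad magic)")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in CLASS_LAYOUT:
        raise ValueError("unknown EI_CLASS %d" % ei_class)
    if ei_data not in (ELFDATA2LSB, ELFDATA2MSB):
        raise ValueError("unknown EI_DATA %d" % ei_data)
    fmt, hdr_len, _, _ = CLASS_LAYOUT[ei_class]
    if len(data) < hdr_len:
        raise ValueError("truncated ELF header: %d < %d bytes" % (len(data), hdr_len))
    endian = "<" if ei_data == ELFDATA2LSB else ">"
    hdr = dict(zip(FIELD_NAMES, struct.unpack_from(endian + fmt, data, 16)))
    hdr["ei_class"] = ei_class
    return hdr


def check_elf(data):
    """Return a list of header inconsistencies; an empty list means the tables look sane.

    A parser that trusts these fields unchecked can index past the end of the
    file or end up with no string table to resolve section names from.
    """
    h = parse_elf_header(data)
    _, _, exp_phent, exp_shent = CLASS_LAYOUT[h["ei_class"]]
    size = len(data)
    problems = []

    if h["e_phnum"]:
        end = h["e_phoff"] + h["e_phnum"] * h["e_phentsize"]
        if h["e_phoff"] == 0 or end > size:
            problems.append("program header table [%#x, %#x) is outside the %d-byte file"
                            % (h["e_phoff"], end, size))
        if h["e_phentsize"] < exp_phent:
            problems.append("e_phentsize %d < %d" % (h["e_phentsize"], exp_phent))

    if h["e_shnum"]:
        end = h["e_shoff"] + h["e_shnum"] * h["e_shentsize"]
        if h["e_shoff"] == 0 or end > size:
            problems.append("section header table [%#x, %#x) is outside the %d-byte file"
                            % (h["e_shoff"], end, size))
        if h["e_shentsize"] < exp_shent:
            problems.append("e_shentsize %d < %d" % (h["e_shentsize"], exp_shent))
        # The section-name string table index must name an existing section.
        if h["e_shstrndx"] != SHN_UNDEF and h["e_shstrndx"] >= h["e_shnum"]:
            problems.append("e_shstrndx %d >= e_shnum %d (no name table to look up)"
                            % (h["e_shstrndx"], h["e_shnum"]))
    elif h["e_shoff"] == 0 and h["e_shstrndx"] != SHN_UNDEF:
        # e_shnum == 0 with e_shoff != 0 is extended numbering (the real count
        # lives in section header 0) and is not validated here.
        problems.append("e_shstrndx %d set but the file has no section header table"
                        % h["e_shstrndx"])
    return problems


def build_header(ei_class=ELFCLASS64, **overrides):
    """Constructed sample: a little-endian ELF header plus one zeroed section header.

    Defaults are self-consistent (one section header right after the ELF header);
    keyword overrides produce the malformed variants. Not a real binary.
    """
    fmt, ehsize, phent, shent = CLASS_LAYOUT[ei_class]
    fields = dict(e_type=1, e_machine=62, e_version=1, e_entry=0, e_phoff=0,
                  e_shoff=ehsize, e_flags=0, e_ehsize=ehsize, e_phentsize=phent,
                  e_phnum=0, e_shentsize=shent, e_shnum=1, e_shstrndx=0)
    fields.update(overrides)
    ident = ELF_MAGIC + bytes([ei_class, ELFDATA2LSB, 1]) + b"\0" * 9
    return ident + struct.pack("<" + fmt, *(fields[k] for k in FIELD_NAMES)) + b"\0" * shent


if __name__ == "__main__":
    for label, sample in (("well-formed", build_header()),
                          ("bad e_shstrndx", build_header(e_shstrndx=7)),
                          ("e_shoff past EOF", build_header(e_shoff=0x10000)),
                          ("ELF32 shnum overrun", build_header(ELFCLASS32, e_shnum=4))):
        print("%-20s %s" % (label, check_elf(sample) or "ok"))
```

Running the module prints one line per constructed sample. Only the well-formed header passes; the other three are flagged before any table is followed, which is the order of operations a hardened parser needs: validate the offsets and indices against the file size first, dereference second.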


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Attacker crafts malicious ELF file
Delivery: Delivers file to target user
Exploit: User executes readelf on file
Execution: NULL pointer dereference triggered
Persist: Process crashes or resource exhaustion
Impact: Denial of service

Vulnerability Assessment (AI)

Exploitation: The vulnerability requires a local user (non-root, PR:L) to run readelf directly against a specially crafted ELF file. …

Risk Assessment: This vulnerability presents moderate real-world risk with significant limiting factors: the NVD vector has no network component (AV:L), no confidentiality or integrity impact, and no scope change, and the victim has to be persuaded to inspect the file. …

Exploit Scenario: An attacker crafts a malicious ELF file and emails it to a developer or system administrator, claiming it is a binary to be analyzed. When the recipient runs readelf on the file to inspect its structure, the NULL pointer dereference is triggered and readelf terminates abnormally (typically with SIGSEGV); the description also lists excessive resource consumption as a possible outcome. The same trigger reaches unattended tooling that calls readelf on untrusted input, such as CI jobs, package build scripts and malware triage pipelines. …

Remediation: Apply the security update provided by Red Hat for your Enterprise Linux version via https://access.redhat.com/security/cve/CVE-2026-6845; fixed SUSE products are listed under Vendor Status. Until patched, run readelf on untrusted files only under a timeout and resource limits, or in a disposable container, so that a crash or runaway process affects nothing else. …
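A guarded runner for the interim mitigation above, as an added example (not vendor or binutils code): it executes an inspection command under a wall-clock timeout and an address-space cap and classifies how the child ended, so a crash or a runaway process stays contained. The `readelf -h` argument list, the 10 s timeout and the 1 GiB cap are assumptions chosen for illustration; `simulate_outcomes` uses the current Python interpreter as a constructed stand-in for a tool that segfaults, hangs, exits non-zero or succeeds, so the branches can be exercised without binutils installed. Linux is assumed for `RLIMIT_AS`.

```python
import resource
import subprocess
import sys


def _limit_child(mem_bytes):
    """Runs in the child just before exec: cap address space and forbid core dumps."""
    resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))


def run_guarded(argv, timeout_s=10, mem_bytes=1024 * 1024 * 1024):
    """Run `argv` under a wall-clock timeout and an address-space cap.

    Returns (status, detail). status is "ok", "error" (non-zero exit),
    "crashed" (killed by a signal, e.g. SIGSEGV from a NULL dereference) or
    "timeout" (no result before timeout_s; subprocess.run kills the child).
    The host is unaffected in every case, which is the property wanted when
    the input file came from outside.
    """
    try:
        proc = subprocess.run(argv, capture_output=True, timeout=timeout_s,
                              preexec_fn=lambda: _limit_child(mem_bytes))
    except subprocess.TimeoutExpired:
        return "timeout", "no result after %ss; treat the input as hostile" % timeout_s
    if proc.returncode < 0:
        return "crashed", "killed by signal %d" % -proc.returncode
    if proc.returncode != 0:
        return "error", proc.stderr.decode("utf-8", "replace").strip()
    return "ok", proc.stdout.decode("utf-8", "replace")


def inspect_elf(path, **limits):
    """Inspect an untrusted ELF file with readelf -h (ELF header only) under the guard.

    The argument list is an assumption for illustration: -h does the least
    parsing readelf offers, a sensible first pass before asking for -a.
    """
    return run_guarded(["readelf", "-h", "--", path], **limits)


def simulate_outcomes():
    """Constructed stand-ins that exercise each branch without needing binutils."""
    py = sys.executable
    return {
        "segv": run_guarded([py, "-c",
                             "import os, signal; os.kill(os.getpid(), signal.SIGSEGV)"])[0],
        "hang": run_guarded([py, "-c", "import time; time.sleep(30)"], timeout_s=1)[0],
        "nonzero": run_guarded([py, "-c", "raise SystemExit(3)"])[0],
        "clean": run_guarded([py, "-c", "print('ok')"])[0],
    }


if __name__ == "__main__":
    if len(sys.argv) > 1:
        status, detail = inspect_elf(sys.argv[1])
        print(status, "" if status == "ok" else detail)
    else:
        print(simulate_outcomes())
```

Invoked with a file path it reports the readelf outcome; with no arguments it prints the four simulated classifications. A "crashed" or "timeout" result for a file that arrived from outside is itself a finding worth keeping: save the sample and the tool version with the ticket, since that is exactly the evidence a vendor needs to match it against an advisory like this one.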


Vendor Status (Vendor)

SUSE (severity: Low)

Product status:
  • SUSE Linux Enterprise Desktop 15 SP7: Fixed
  • SUSE Linux Enterprise High Performance Computing 15 SP7: Fixed
  • SUSE Linux Enterprise Module for Basesystem 15 SP7: Fixed
  • SUSE Linux Enterprise Module for Development Tools 15 SP7: Fixed
  • SUSE Linux Enterprise Module for Package Hub 15 SP7: Fixed


CVE-2026-6845 vulnerability details – vuln.today
