EUVD-2025-21278

CVE-2025-7545 MEDIUM
2025-07-13
CVSS 3.1: 5.3

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

Patch Released: Mar 31, 2026 - 21:13 (source: nvd), patch available
Analysis Generated: Mar 16, 2026 - 09:18 (source: vuln.today)
EUVD ID Assigned: Mar 16, 2026 - 09:18 (source: euvd), EUVD-2025-21278
CVE Published: Jul 13, 2025 - 22:15 (source: nvd), MEDIUM 5.3

Description

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.

Technical Context

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state.

Affected Products

Affected products: GNU Binutils 2.45

Remediation

Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

Priority Score

27
KEV: 0
EPSS: +0.0
CVSS: +26
POC: 0

Vendor Status

Ubuntu

Priority: Medium
binutils
| Release | Status | Version |
|---|---|---|
| xenial | released | 2.26.1-1ubuntu1~16.04.8+esm12 |
| upstream | released | 2.45-3 |
| bionic | released | 2.30-21ubuntu1~18.04.9+esm5 |
| jammy | released | 2.38-4ubuntu2.10 |
| noble | released | 2.42-4ubuntu2.6 |
| plucky | released | 2.44-3ubuntu1.1 |
| focal | released | 2.34-6ubuntu1.11+esm1 |
| trusty | released | 2.24-5ubuntu14.2+esm7 |
| questing | not-affected | 2.45-6ubuntu1 |

Debian

binutils
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | vulnerable | 2.35.2-2 | - |
| bookworm | vulnerable | 2.40-2 | - |
| trixie | vulnerable | 2.44-3 | - |
| forky, sid | fixed | 2.46-3 | - |
| (unstable) | fixed | 2.45-3 | unimportant |
