CVE-2025-11083

EUVD-2025-31445
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
gnubinutils
2.45
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIPLUS S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
binutils
suse enterprise desktop 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise desktop 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP2
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP3
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP4
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP5
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP7
2.45-150100.7.57.1
fixed
binutils-devel
suse enterprise desktop 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise desktop 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP2
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP3
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP4
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP5
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP7
2.45-150100.7.57.1
fixed
binutils-devel-32bit
suse enterprise desktop 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise desktop 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP2
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP3
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP4
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP5
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP7
2.45-150100.7.57.1
fixed
libctf-nobfd0
suse enterprise desktop 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise desktop 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP2
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP3
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP4
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP5
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP7
2.45-150100.7.57.1
fixed
libctf0
suse enterprise desktop 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise desktop 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise sap 15 SP7
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP2
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP3
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP4
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP5
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP6
2.45-150100.7.57.1
fixed
suse enterprise server 15 SP7
2.45-150100.7.57.1
fixed
libucm-devel
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libucm0
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libucp-devel
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libucp0
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libucs-devel
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libucs0
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libuct-devel
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
libuct0
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
openucx-tools
suse enterprise desktop 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise desktop 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise sap 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise sap 15 SP7
1.17.0-150700.4.2.7
fixed
suse enterprise server 15 SP2
1.6.0-150200.3.2.1
fixed
suse enterprise server 15 SP3
1.9.0-150300.4.2.5
fixed
suse enterprise server 15 SP4
1.11.1-150400.4.2.1
fixed
suse enterprise server 15 SP5
1.13.1-150500.4.2.5
fixed
suse enterprise server 15 SP6
1.15.0-150600.3.5.2
fixed
suse enterprise server 15 SP7
1.17.0-150700.4.2.7
fixed
perf
suse enterprise server 15 SP2
5.3.18-150200.25.11.1
fixed
suse enterprise server 15 SP3
5.3.18-150300.38.7.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.44.20.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.52.5.1
fixed
perf-devel
suse enterprise server 15 SP4
5.14.21-150400.44.20.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.52.5.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
binutils
RHEL 8
0:2.30-128.el8_10
fixed
RHEL 8.2 AUS
0:2.30-73.el8_2.2
fixed
RHEL 8.4 AUS
0:2.30-93.el8_4.3
fixed
RHEL 8.6 AUS
0:2.30-113.el8_6.4
fixed
RHEL 8.6 E4S
0:2.30-113.el8_6.4
fixed
RHEL 8.6 TUS
0:2.30-113.el8_6.4
fixed
RHEL 8.8 E4S
0:2.30-119.el8_8.3
fixed
RHEL 8.8 TUS
0:2.30-119.el8_8.3
fixed
RHEL 9
0:2.35.2-67.el9_7.1
fixed
binutils-devel
RHEL 8
0:2.30-128.el8_10
fixed
RHEL 8.2 AUS
0:2.30-73.el8_2.2
fixed
RHEL 8.4 AUS
0:2.30-93.el8_4.3
fixed
RHEL 8.6 AUS
0:2.30-113.el8_6.4
fixed
RHEL 8.6 E4S
0:2.30-113.el8_6.4
fixed
RHEL 8.6 TUS
0:2.30-113.el8_6.4
fixed
RHEL 8.8 E4S
0:2.30-119.el8_8.3
fixed
RHEL 8.8 TUS
0:2.30-119.el8_8.3
fixed
RHEL 9
0:2.35.2-67.el9_7.1
fixed
binutils-gold
RHEL 9
0:2.35.2-67.el9_7.1
fixed
gcc-toolset-13-binutils
RHEL 9
0:2.40-21.el9_7.1
fixed
gcc-toolset-13-binutils-devel
RHEL 9
0:2.40-21.el9_7.1
fixed
gcc-toolset-13-binutils-gold
RHEL 9
0:2.40-21.el9_7.1
fixed
gcc-toolset-14-binutils
RHEL 8
0:2.41-4.el8_10.1
fixed
RHEL 9
0:2.41-5.el9_7.1
fixed
gcc-toolset-14-binutils-devel
RHEL 8
0:2.41-4.el8_10.1
fixed
RHEL 9
0:2.41-5.el9_7.1
fixed
gcc-toolset-14-binutils-gold
RHEL 8
0:2.41-4.el8_10.1
fixed
RHEL 9
0:2.41-5.el9_7.1
fixed
gcc-toolset-14-binutils-gprofng
RHEL 8
0:2.41-4.el8_10.1
fixed
RHEL 9
0:2.41-5.el9_7.1
fixed
gcc-toolset-15-binutils
RHEL 9
0:2.44-3.el9_7.1
fixed
gcc-toolset-15-binutils-devel
RHEL 9
0:2.44-3.el9_7.1
fixed
gcc-toolset-15-binutils-gold
RHEL 9
0:2.44-3.el9_7.1
fixed
gcc-toolset-15-binutils-gprofng
RHEL 9
0:2.44-3.el9_7.1
fixed
Common Weakness Enumeration
References
https://sourceware.org/bugzilla/attachment.cgi?id=16353
https://sourceware.org/bugzilla/show_bug.cgi?id=33457
https://sourceware.org/bugzilla/show_bug.cgi?id=33457#c1
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9ca499644a21ceb3f946d1c179c38a83be084490
https://vuldb.com/?ctiid.326124
https://vuldb.com/?id.326124
https://vuldb.com/?submit.661277
https://www.gnu.org/
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://sourceware.org/bugzilla/show_bug.cgi?id=33457
https://sourceware.org/bugzilla/show_bug.cgi?id=33457#c1