6.2
GNU Binutils readelf can crash if given a malformed file
CVE-2025-69648
Summary
A bug in the GNU Binutils tool readelf can cause it to get stuck when it is given a specially crafted file with malformed DWARF .debug_rnglists data: it prints the same warning over and over without making progress until it is interrupted manually. No memory corruption or code execution was observed, so this is not a flaw that could let an attacker take control of your system, but it may cause inconvenience if you run readelf on such a file. Upgrade to a newer version of Binutils once a fixed release is available.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| gnu | binutils | <= 2.45.1 | – |
Original title
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes...
Original description
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.
Vulnerability type
CWE-835
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026