GNU Binutils readelf can crash when processing certain files
DEBIAN-CVE-2025-69647
Summary
A flaw in the way GNU Binutils readelf parses DWARF loclists data can cause it to loop without terminating, printing the same output repeatedly and consuming excessive CPU and I/O. This can happen if an attacker supplies a specially crafted file to a system running GNU Binutils. To fix this, update to a version of GNU Binutils newer than 2.45.1.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | binutils | All versions | – |
Original title
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause rea...
Original description
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.
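One way to keep an analysis pipeline from hanging on such a file, as an added example that is not part of the advisory or of Binutils: a POSIX shell wrapper that gives any command a wall-clock limit and an output cap. It assumes GNU coreutils `timeout`; the function name `run_bounded`, its exit code 125, and the sample readelf invocation and path are constructed for illustration.

```shell
#!/bin/sh
# Added example: bound the run time and output of a tool fed an untrusted file.
# run_bounded and exit code 125 are constructed for this example.
#
# usage:   run_bounded SECS MAX_BYTES OUTFILE CMD [ARGS...]
# returns: 0    command finished within both limits
#          124  wall-clock limit hit (GNU timeout's own exit code)
#          125  output cap hit; OUTFILE holds the first MAX_BYTES bytes
#          else the command's own non-zero exit status
run_bounded() {
    secs=$1; max=$2; out=$3; shift 3
    st=$(mktemp) || return 1

    # head stops reading after max+1 bytes; the writer then fails on its next
    # write to the closed pipe, so a loop that only prints cannot fill the disk.
    # The status goes to a file because POSIX sh reports only head's status.
    { timeout -k 2 "$secs" "$@" 2>&1; echo $? > "$st"; } |
        head -c "$((max + 1))" > "$out"

    rc=$(cat "$st"); rm -f "$st"
    size=$(wc -c < "$out")

    if [ "$size" -gt "$max" ]; then
        # Keep exactly MAX_BYTES for the analyst and flag the run.
        head -c "$max" "$out" > "$out.tmp" && mv "$out.tmp" "$out"
        return 125
    fi
    return "$rc"
}

# Illustrative call (options and path are placeholders, not from the advisory):
#   run_bounded 30 1048576 /tmp/loc.txt readelf --debug-dump=loc ./untrusted.elf
#   case $? in 124|125) echo "readelf did not finish normally; set input aside" ;; esac
```

A return of 124 or 125 on a file that other inputs process quickly is a useful signal to set that file aside for review.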
- https://security-tracker.debian.org/tracker/CVE-2025-69647 Vendor Advisory
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026