Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
GNU Binutils readelf crashes when processing malformed binary data
DEBIAN-CVE-2025-69648
Summary
A bug in GNU Binutils' readelf tool can cause it to crash or freeze when analyzing a specially crafted binary file. This could disrupt the normal operation of your system. To protect your system, update to a version of GNU Binutils that has fixed this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | binutils | All versions | – |
| debian | binutils | All versions | – |
| debian | binutils | All versions | – |
| debian | binutils | All versions | – |
Original title
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes...
Original description
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.
- https://security-tracker.debian.org/tracker/CVE-2025-69648 Vendor Advisory
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026