7.5
GNU Binutils readelf can crash when processing malformed ELF files
UBUNTU-CVE-2025-69649
Summary
Malicious ELF files can cause the readelf program to crash and stop working. This can happen when processing files with intentionally incorrect information. To stay safe, update to the latest version of GNU Binutils.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| canonical | binutils | All versions | – |
Original title
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null ...
Original description
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.
- https://ubuntu.com/security/CVE-2025-69649 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-69649 Third Party Advisory
- https://sourceware.org/bugzilla/show_bug.cgi?id=33697 Third Party Advisory
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=66a3492ce68e1ae45b248... Third Party Advisory
Published: 6 Mar 2026 · Updated: 14 Mar 2026 · First seen: 10 Mar 2026