6.2

GNU Binutils readelf Can Be Hacked to Run Out of Control

CVE-2025-69647
Summary

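A logic flaw in the DWARF parsing code of the readelf tool can cause it to get stuck in an infinite loop when analyzing a crafted binary with malformed DWARF loclists data: it keeps printing the same table output without making progress, leading to high CPU and disk usage. A local attacker can exploit this by supplying a malicious input file, which disrupts the tool's operation. To prevent this, update to a fixed version of the tool once one is available.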

What to do

No fix is available yet. Check with your software vendor for updates.
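
Until a fix ships, automated pipelines that run readelf on untrusted files can bound the damage of the non-terminating output loop. The wrapper below is an added example, not part of the original advisory or of binutils; it assumes GNU coreutils `timeout` and `head`, and the function name `bounded_run`, its return codes and the sample limits are illustrative choices.

```shell
#!/bin/sh
# Added example: run a parser of untrusted input (such as readelf) under a
# wall-clock limit and an output-size cap, so an unbounded print loop cannot
# hold the CPU or fill the disk.
# Return codes are this wrapper's own convention (an assumption):
#   124 = time limit hit, 125 = output cap hit, otherwise the command's status.
#
# Usage: bounded_run MAX_SECONDS MAX_BYTES OUTFILE CMD [ARGS...]
# e.g.   bounded_run 30 10485760 readelf.out readelf --debug-dump sample.o
#        (limits and file names above are constructed sample values)
bounded_run() (
    max_secs=$1 max_bytes=$2 out=$3
    shift 3
    rcfile=$(mktemp) || exit 1
    trap 'rm -f "$rcfile"' EXIT

    # head stops reading after MAX_BYTES+1 bytes and closes the pipe, so the
    # writer fails on its next write. timeout(1) covers a command that spins
    # without writing, or one that ignores write errors.
    {
        rc=0
        timeout -k 2 "$max_secs" "$@" 2>&1 || rc=$?
        echo "$rc" > "$rcfile"
    } | head -c "$((max_bytes + 1))" > "$out"

    rc=$(cat "$rcfile")
    size=$(($(wc -c < "$out")))

    # More than MAX_BYTES captured means the cap was hit and output is cut off.
    if [ "$size" -gt "$max_bytes" ]; then
        echo "bounded_run: output cap of $max_bytes bytes exceeded: $*" >&2
        exit 125
    fi
    # 124 = timeout sent TERM; 137 = it had to follow up with KILL.
    case ${rc:-1} in
        124|137)
            echo "bounded_run: time limit of ${max_secs}s exceeded: $*" >&2
            exit 124 ;;
    esac
    exit "${rc:-1}"
)
```

A return code of 124 or 125 for a given input is a useful signal to quarantine that file and alert on it rather than retry.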

Affected software
Vendor | Product | Affected versions | Fix available
gnu | binutils | <= 2.45.1 | –
Original title
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause rea...
Original description
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.
Vulnerability type
CWE-835
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026