Vulnerabilities > CVE-2025-1147 - Unspecified vulnerability in GNU Binutils 2.43

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

gnu

NVD

Published: 2025-02-10

Updated: 2025-04-04

Summary

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Binutils 2.43	1

References

https://security.netapp.com/advisory/ntap-20250404-0003/
https://sourceware.org/bugzilla/attachment.cgi?id=15881
https://sourceware.org/bugzilla/show_bug.cgi?id=32556
https://vuldb.com/?ctiid.295051
https://vuldb.com/?id.295051
https://vuldb.com/?submit.485254
https://www.gnu.org/