SB2025103045 - Ubuntu update for binutils
Published: October 30, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2025-11082)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the _bfd_elf_parse_eh_frame() function in bfd/elf-eh-frame.c. A local user can trigger a heap-based buffer overflow and execute arbitrary code on the target system.
2) Heap-based buffer overflow (CVE-ID: CVE-2025-11083)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the elf_swap_shdr() function in bfd/elfcode.h. A local user can trigger a heap-based buffer overflow and execute arbitrary code on the target system.
3) Buffer overflow (CVE-ID: CVE-2025-5244)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the elf_gc_sweep() function in bfd/elflink.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
4) Buffer overflow (CVE-ID: CVE-2025-5245)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the debug_type_samep() function in /binutils/debug.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
5) Buffer overflow (CVE-ID: CVE-2025-1147)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the __sanitizer::internal_strlen() function in binutils/nm.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
6) Memory leak (CVE-ID: CVE-2025-1148)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak within the link_order_scan() function in ld/ldelfgen.c. A remote attacker can force the application to leak memory and perform denial of service attack.
7) Memory leak (CVE-ID: CVE-2025-3198)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak within the display_info() function in binutils/bucomm.c. A remote attacker can force the application to leak memory and perform denial of service attack.
8) Memory leak (CVE-ID: CVE-2025-8225)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due memory leak within the process_debug_info() function in binutils/dwarf.c. A local user can force the application to leak memory and perform denial of service attack.
9) Buffer overflow (CVE-ID: CVE-2025-1182)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the bfd_elf_reloc_symbol_deleted_p() function in bfd/elflink.c within the ld binary. A remote attacker can pass specially crafted input to the binary, trigger memory corruption and execute arbitrary code on the target system.
10) Out-of-bounds write (CVE-ID: CVE-2025-7546)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the bfd_elf_set_group_contents() function in bfd/elf.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the target system.
11) Heap-based buffer overflow (CVE-ID: CVE-2025-7545)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the copy_section() function in binutils/objcopy.c. A local user can trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.