AZL-79568

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-79568.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-79568

Upstream

CVE-2025-69645

Published

2026-03-06T18:16:16Z

Modified

2026-04-21T04:34:47.086855Z

Summary

CVE-2025-69645 affecting package binutils 2.41-10

Details

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-69645

Affected packages

Azure Linux:3 / binutils

Package

Name: binutils
Purl: pkg:rpm/azure-linux/binutils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2.41-10

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-79568.json"