CVE-2025-69646

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-69646
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69646.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-69646
Downstream
Published
2026-03-06T18:16:16.500Z
Modified
2026-04-10T05:35:22.453307Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis.

References

Affected packages

Git / sourceware.org/git/binutils-gdb.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/binutils-gdb.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
815d9a14cbbb3b81843f7566222c87fb22e7255d
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.44"
        }
    ]
}

Affected versions

Other
binutils-2_41-release
binutils-2_44
gdb-10-branchpoint
gdb-11-branchpoint
gdb-12-branchpoint
gdb-13-branchpoint
gdb-14-branchpoint
gdb-15-branchpoint
gdb-16-branchpoint
gdb-4_18-branchpoint
gdb-9-branchpoint
gdb_5_2-branchpoint
gdb_5_3-branchpoint
gdb_6_0-branchpoint
gdb_6_1-branchpoint
gdb_6_2-branchpoint
gdb_6_3-branchpoint
gdb_6_4-branchpoint
gdb_6_5-branchpoint
gdb_6_6-branchpoint
gdb_6_7-branchpoint
gdb_6_8-branchpoint
gdb_7_0-branchpoint
gdb_7_1-branchpoint
gdb_7_2-branchpoint
gdb_7_3-branchpoint
gdb_7_4-branchpoint
gdb_7_5-branchpoint
gdb_7_6-branchpoint
users/ARM/embedded-binutils-master-2016q4
users/ARM/embedded-binutils-master-2017q4
users/ARM/embedded-binutils-master-2018q4
users/ARM/embedded-gdb-master-2017q4
users/ARM/embedded-gdb-master-2018q4
gdb-7.*
gdb-7.10-branchpoint
gdb-7.11-branchpoint
gdb-7.12-branchpoint
gdb-7.7-branchpoint
gdb-7.8-branchpoint
gdb-7.9-branchpoint
gdb-8.*
gdb-8.0-branchpoint
gdb-8.1-branchpoint
gdb-8.2-branchpoint
gdb-8.3-branchpoint

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69646.json"