CVE-2025-11083

CVSS 5.3 - MEDIUM

Description

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Affected Products

1

Vendor	Product	Version
gnu	binutils	`2.45`

References

https://sourceware.org/bugzilla/attachment.cgi?id=...

https://sourceware.org/bugzilla/show_bug.cgi?id=33...

https://sourceware.org/bugzilla/show_bug.cgi?id=33...

https://sourceware.org/git/gitweb.cgi?p=binutils-g...

https://vuldb.com/?ctiid.326124

https://vuldb.com/?id.326124

https://vuldb.com/?submit.661277

https://www.gnu.org/

https://cert-portal.siemens.com/productcert/html/s...

https://sourceware.org/bugzilla/show_bug.cgi?id=33...

https://sourceware.org/bugzilla/show_bug.cgi?id=33...

Weakness Types

CWE-119

CVE Information

CVE ID:: CVE-2025-11083
Published:: 2025-09-27
Modified:: 2026-05-12
CVSS Score:: 5.3
Severity:: MEDIUM
Vector:: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Vendors

gnu

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL