CVE-2025-11839

LOW

GNU Binutils <2.45 - Unchecked Return Value

Title source: llm

Description

A security flaw has been discovered in GNU Binutils 2.45. The affected function is tg_tag_type in the file prdbg.c. Manipulation leads to an unchecked return value. The attack must be carried out locally. The exploit has been released to the public and may be used for attacks.

Scores

CVSS v3 3.3
EPSS 0.0002
EPSS Percentile 6.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-252 CWE-253
Status published
Products (1)
gnu/binutils 2.45
Published Oct 16, 2025
Tracked Since Feb 18, 2026