CVE-2026-3442

MEDIUM

Red Hat Enterprise Linux 10 - Buffer Overflow

Title source: rule

Description

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

Exploits (1)

github WORKING POC 10 stars

by XiaomingX · pythonpoc

https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-3442

View Code ZIP pw:eip

References (2)

[Vendor Advisory] https://access.redhat.com/security/cve/CVE-2026-3442

[Vendor Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=2443828

Scores

CVSS v3 6.1

EPSS 0.0001

EPSS Percentile 0.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

Details

CWE

CWE-125

Status published

Products (15)

gnu/binutils

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9

Red Hat/Red Hat Hardened Images

Red Hat/Red Hat Hardened Images 1

Red Hat/Red Hat OpenShift Container Platform 4

redhat/enterprise_linux 6.0

... and 5 more

Published Mar 16, 2026

Tracked Since Mar 16, 2026