CVE-2025-69649

{"id": "CVE-2025-69649", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2026-03-06T19:16:10.640", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33697", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=66a3492ce68e1ae45b2489bd9a815c39ea5d7f66", "tags": ["Patch"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed."}, {"lang": "es", "value": "GNU Binutils hasta la versi\u00f3n 2.46 readelf contiene una vulnerabilidad de desreferencia de puntero nulo al procesar un binario ELF manipulado con campos de encabezado malformados. Durante el procesamiento de reubicaciones, un puntero de secci\u00f3n inv\u00e1lido o nulo puede ser pasado a display_relocations(), lo que resulta en un fallo de segmentaci\u00f3n (SIGSEGV) y terminaci\u00f3n abrupta. No se observ\u00f3 evidencia de corrupci\u00f3n de memoria m\u00e1s all\u00e1 de la desreferencia del puntero nulo, ni ninguna posibilidad de ejecuci\u00f3n de c\u00f3digo."}], "lastModified": "2026-03-11T15:51:24.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18449381-54BD-4732-A531-D44935A3ADAE", "versionEndIncluding": "2.46"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}