binutils-gdbgentoo/binutils-2.33.1-2: 1 vulnerabilities (highest severity is: 3.1) #17
Description
Vulnerable Library - binutils-gdbgentoo/binutils-2.33.1-2
[MIRROR] Gentoo vendor branches of the binutils / gdb code
Library home page: https://github.com/gentoo/binutils-gdb.git
Found in HEAD commit: a5282c23c8dfeb383a65fba63e7a78f59b9c1c60
Vulnerable Source Files (1)
Vulnerabilities
| CVE | Severity |  CVSS |
Dependency | Type | Fixed in (binutils-gdbgentoo/binutils version) | Remediation Possible** |
|---|---|---|---|---|---|---|
| CVE-2025-1180 |  Low |
3.1 | binutils-gdbgentoo/binutils-2.33.1-2 | Direct | N/A | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2025-1180
Vulnerable Library - binutils-gdbgentoo/binutils-2.33.1-2
[MIRROR] Gentoo vendor branches of the binutils / gdb code
Library home page: https://github.com/gentoo/binutils-gdb.git
Found in HEAD commit: a5282c23c8dfeb383a65fba63e7a78f59b9c1c60
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
Publish Date: 2025-02-11
URL: CVE-2025-1180
CVSS 3 Score Details (3.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Low