CVE-2025-0840

CVSS 3.1 Score 5 of 10 (medium)

Details

Published Jan 29, 2025

CWE ID 119

CWE ID 121

Summary

CVE-2025-0840 is a newly disclosed vulnerability affecting GNU Binutils up to version 2.43. This issue lies in the function "disassemble\_bytes" of the file "objdump.c". An attacker can exploit this stack-based buffer overflow vulnerability by manipulating the argument "buf". The complexity of an attack is relatively high, and exploitability is considered difficult but has been publicly disclosed. To mitigate this risk, it's recommended to upgrade to version 2.44, with the patch identifier being baac6c221e9d69335bf41366a1c7d87d8ab2f893.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Gnu Binutils

Affected Vendors

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/25lWRm
https://www.cve.org/CVERecord?id=CVE-2025-0840
https://nvd.nist.gov/vuln/detail/CVE-2025-0840

Back to Vulnerability Database