CVE-2025-1147

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Feb 10, 2025

CWE ID 119

CWE ID 120

Summary

CVE-2025-1147 is a newly discovered vulnerability affecting the GNU Binutils 2.43 version. Specifically, the issue lies within the function __sanitizer::internal_strlen in the nm.c component of the nm tool. The flaw is triggered by a manipulated argument, resulting in a buffer overflow. This vulnerability can be exploited remotely, but the attack's complexity and successful exploitation difficulty are relatively high. Unfortunately, an exploit for this vulnerability has already been made public.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Gnu Binutils

Affected Vendors

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3NxoMQ
https://www.cve.org/CVERecord?id=CVE-2025-1147
https://nvd.nist.gov/vuln/detail/CVE-2025-1147

Back to Vulnerability Database