CVE-2025-1150

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Feb 10, 2025
CWE ID 404
CWE ID 401

Summary

CVE-2025-1150 is a recently disclosed vulnerability affecting GNU Binutils 2.43. The issue lies in the bfd_malloc function of the libbfd.c component in ld and results in a memory leak. The weakness can be exploited remotely, although the complexity and difficulty of an attack are relatively high. The exploit has been made public, increasing the risk of potential attacks. To mitigate this vulnerability, apply the available patch, because the code maintainer has opted not to incorporate some of the leak fixes into the 2.44 branch, citing potential instability concerns.
