CVE-2025-1151

CVSS 3.1 Score 3.1 of 10 (low)

Details

Published Feb 10, 2025
CWE ID 404
CWE ID 401

Summary

CVE-2025-1151 is a newly discovered vulnerability affecting GNU Binutils 2.43. The issue lies in the xmemdup function in the ld component's xmemdup.c file. The vulnerability results in a memory leak, potentially leading to remote attacks. Exploitation is considered relatively complex and difficult. The exploit has been publicly disclosed, and attackers may already be attempting to use it. To mitigate this risk, it is recommended to apply the available patch. The code maintainer plans to incorporate the leak fixes in the upcoming Binutils master release, but will not do so for the 2.44 branch due to concerns over potential stability issues.
