CVE-2025-0840

MediumPublic PoC

Published: 29 January 2025

Published

29 January 2025

Modified

04 March 2025

KEV Added

—

Patch

—

CVSS Score 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

EPSS Score 0.0010 27.4th percentile

Risk Priority 10 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.

Security Summary

CVE-2025-0840 is a stack-based buffer overflow vulnerability in the disassemble_bytes function within binutils/objdump.c of GNU Binutils versions up to and including 2.43. The issue arises from manipulation of the 'buf' argument, classified under CWEs-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow), and CWE-787 (Out-of-bounds Write). It carries a CVSS v3.1 base score of 5.0 (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L), rated as medium severity and problematic.

The vulnerability enables remote exploitation with no privileges required, though it demands high attack complexity and user interaction. An attacker could trigger the buffer overflow by supplying a specially crafted input to objdump, potentially resulting in limited impacts: low confidentiality (disclosure of sensitive information), integrity (modification of data), and availability (denial of service). Exploitability is described as difficult, but a proof-of-concept has been publicly disclosed and may be usable.

Advisories recommend upgrading to GNU Binutils version 2.44, which addresses the flaw via commit baac6c221e9d69335bf41366a1c7d87d8ab2f893. Relevant resources include the Sourceware Bugzilla entry (bug 32560) with attachment 15882 detailing the issue, the git patch, and VulDB entries (ctiid.293997, id.293997) for further analysis.

Details

CWE(s): CWE-119CWE-121CWE-787

Affected Products

gnu

binutils

≤ 2.44

References

https://sourceware.org/bugzilla/attachment.cgi?id=15882
Broken Link · cna@vuldb.com
https://sourceware.org/bugzilla/show_bug.cgi?id=32560
Exploit, Issue Tracking · cna@vuldb.com
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=baac6c221e9d69335bf41366a1c7d87d8ab2f893
Patch · cna@vuldb.com
https://vuldb.com/?ctiid.293997
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.293997
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.485255
Exploit, Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.gnu.org/
Product · cna@vuldb.com