CVE-2025-69648

{"id": "CVE-2025-69648", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2026-03-09T15:15:52.210", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33641", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=598704a00cbac5e85c2bedd363357b5bf6fcee33", "tags": ["Patch"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-835"}]}], "descriptions": [{"lang": "en", "value": "GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed."}, {"lang": "es", "value": "GNU Binutils hasta la versi\u00f3n 2.45.1 readelf contiene una vulnerabilidad de denegaci\u00f3n de servicio al procesar un binario manipulado con datos DWARF .debug_rnglists malformados. Un fallo l\u00f3gico en la ruta de an\u00e1lisis DWARF provoca que readelf imprima repetidamente el mismo mensaje de advertencia sin avanzar, lo que resulta en un bucle de salida no terminante que requiere interrupci\u00f3n manual. No se observ\u00f3 evidencia de corrupci\u00f3n de memoria ni ejecuci\u00f3n de c\u00f3digo."}], "lastModified": "2026-03-13T16:43:41.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5636F25-118E-4BA7-9A62-6AFCC5CF7FC9", "versionEndIncluding": "2.45.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}