CVE-2025-69645
Received Received - Intake
Denial-of-Service in Binutils objdump via Malformed DWARF Data

Publication date: 2026-03-06

Last updated on: 2026-03-20

Assigner: MITRE

Description
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-06
Last Modified
2026-03-20
Generated
2026-06-16
AI Q&A
2026-03-06
EPSS Evaluated
2026-06-15
NVD
CVE-2025-69645
EUVD
EUVD-2025-208343
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gnu binutils 2.44
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Binutils objdump tool, specifically when it processes a crafted binary containing malformed DWARF debug information.

A logic error in how DWARF compilation units are handled causes an invalid offset_size value to be used inside the function byte_get_little_endian, which leads to the program aborting unexpectedly (SIGABRT).

This issue was observed in binutils version 2.44 and can be triggered locally by an attacker providing a malicious input file.

Impact Analysis

The vulnerability can cause a denial-of-service condition by crashing the objdump tool when it processes a maliciously crafted binary file.

A local attacker can exploit this by supplying a specially crafted input file that triggers the crash, potentially disrupting workflows or automated processes that rely on objdump.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69645. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart