CVE-2026-6844
Denial of Service in binutils readelf via ELF File Parsing
Publication date: 2026-04-22
Last updated on: 2026-04-22
Assigner: Red Hat, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gnu | binutils | 2.46 |
| gnu | binutils | * (all versions, no range given) |
| gnu | binutils | from 2.46 (inclusive) to 2.46 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-6844 involves two denial of service (DoS) vulnerabilities in the readelf utility of the binutils package, version 2.46.
The first vulnerability is a resource exhaustion issue where a specially crafted ELF file causes readelf to attempt to allocate about 6.3 terabytes of memory, leading to an out-of-memory (OOM) condition.
The second vulnerability is a null pointer dereference triggered by malformed section header entry size or offset fields in the ELF file, causing a segmentation fault and crashing the utility.
Both vulnerabilities cause readelf to become unresponsive or crash, resulting in denial of service.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in the readelf utility causes denial of service conditions but does not impact confidentiality or integrity of data.
Since the vulnerability leads to service unavailability without exposing or altering sensitive data, it primarily affects availability.
Therefore, while it may impact operational continuity, it does not directly violate compliance requirements related to data privacy or protection under standards like GDPR or HIPAA.
How can this vulnerability impact me?
If you use the vulnerable readelf utility on Linux systems, an attacker with local access can cause the utility to crash or become unresponsive by providing specially crafted ELF files.
This can lead to denial of service conditions, potentially disrupting processes or workflows that rely on readelf for ELF file analysis.
The resource exhaustion vulnerability can cause the system to run out of memory, possibly affecting system stability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying if the vulnerable version of the readelf utility (version 2.46) from the binutils package is present on your system.
Since the issue is triggered by specially crafted ELF files causing resource exhaustion or segmentation faults, detection involves monitoring for crashes or unresponsiveness of readelf when processing ELF files.
You can check the version of readelf installed by running the command:
- `readelf --version`
Additionally, testing readelf with known proof-of-concept ELF files (if available internally) can help detect if the vulnerability is exploitable.
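The two detection steps above (checking the installed version, and watching for crashes or memory exhaustion when readelf processes ELF files) put into one script, added here as an example that is not part of the CVE record or of binutils. It parses the first line of `readelf --version` for the affected 2.46 release, and runs readelf on an untrusted file under an address-space cap and a wall-clock limit so that a multi-terabyte allocation fails with ENOMEM instead of exhausting the host; the exit status is mapped to a verdict that separates a SIGSEGV (the null-dereference case) and a SIGKILL (typically the kernel OOM killer) from a graceful error. It assumes GNU coreutils `timeout` and a shell whose `ulimit` supports `-v`; the 1 GiB cap and 10 s limit are arbitrary defaults.

```shell
# Added defender-side helper for CVE-2026-6844 (example code, not from the CVE
# record or from binutils). Assumes GNU coreutils `timeout` and `ulimit -v`.

# Extract the version from the first line of `readelf --version`, e.g.
# "GNU readelf (GNU Binutils for Debian) 2.46-1" -> "2.46".
readelf_version_from_banner() {
    printf '%s\n' "$1" | awk 'NR == 1 {
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[0-9]+\.[0-9]+/) { sub(/[^0-9.].*/, "", $i); print $i; exit }
    }'
}

# Return 0 when the banner reports the affected release (2.46, any patch level).
readelf_version_is_vulnerable() {
    case "$(readelf_version_from_banner "$1")" in
        2.46|2.46.*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Map the exit status of a `timeout readelf ...` run to a short verdict.
# Coreutils timeout exits 124 on expiry and 128+N when the child died from signal N.
classify_status() {
    case "$1" in
        0)   echo ok ;;
        124) echo timeout ;;
        139) echo crash:SIGSEGV ;;   # signal 11: the null-dereference case
        137) echo crash:SIGKILL ;;   # signal 9: typically the kernel OOM killer
        *)   if [ "$1" -gt 128 ]; then echo "crash:signal$(( $1 - 128 ))"; else echo error; fi ;;
    esac
}

# Run readelf on an untrusted ELF under an address-space cap (KiB) and a time
# limit. A huge allocation then fails with ENOMEM and readelf exits with an
# error instead of taking the host down. Returns 0 only for the "ok" verdict.
safe_readelf() {
    file=$1; limit_kb=${2:-1048576}; secs=${3:-10}
    status=0
    ( ulimit -v "$limit_kb" && timeout "$secs" readelf -a -W -- "$file" >/dev/null 2>&1 ) \
        || status=$?
    verdict=$(classify_status "$status")
    echo "$file: $verdict"
    [ "$verdict" = ok ]
}

# Usage: sh this_script.sh file1.elf file2.elf ...
if [ $# -gt 0 ]; then
    readelf_version_is_vulnerable "$(readelf --version 2>/dev/null)" \
        && echo "installed readelf is the affected 2.46 release" >&2
    for f in "$@"; do safe_readelf "$f" || :; done
fi
```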
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include not running the vulnerable readelf utility on untrusted ELF files, which could be crafted to trigger the denial of service.
Monitoring and restricting access to readelf for unprivileged users can reduce the risk of exploitation.
Applying patches or updates provided by your Linux distribution or the binutils package maintainers that address this vulnerability is the recommended long-term mitigation.