CVE-2026-6845

Received Received - Intake

Denial of Service in binutils readelf via Malformed ELF File

Publication date: 2026-04-22

Last updated on: 2026-04-22

Assigner: Red Hat, Inc.

Description

A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-04-22

Last Modified

2026-04-22

Generated

2026-05-06

EPSS Evaluated

2026-05-05

NVD

CVE-2026-6845

EUVD

EUVD-2026-24712

Affected Vendors & Products

Vendor	Product	Version / Range
gnu	binutils	*
gnu	binutils	2.46

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-476	The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2026-6845

Denial of Service in binutils readelf via Malformed ELF File

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

Ask Our AI Assistant

EPSS Chart