CVE-2025-69649

Publish date: March 9, 2026
Severity: High
CVSS score: 7.5
Package: binutils
Affected versions: >= 2.45~alpha1-any0, < 2.45.90.20260201+really2.45.50.20251201-1+e3

GNU Binutils, up to version 2.46, has a null pointer dereference vulnerability in the readelf tool, triggered when it processes a specially crafted ELF binary that contains malformed header fields. During relocation processing, an invalid or null section pointer can be passed into the display_relocations() function, causing a segmentation fault (SIGSEGV) and abrupt termination of the program. There is no evidence of memory corruption beyond the null pointer dereference, and no potential for code execution has been observed.