CVE-2025-11839

GNU Binutils prdbg.c tg_tag_type return value

Published: 10/16/2025 Last updated: 10/16/2025 Reserved: 10/16/2025

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

CNA assigner: VulDB (1af790b2-7ee1-4545-860a-a788eba489b5) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
4.0	1.9	Low	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
3.1	3	Low	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
3.0	3	Low	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2.0	1.5	Low	CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR

Opam packages affected (3)

bap-std clangml conf-binutils

Products affected (1)

Product	Vendor	Version
Binutils	GNU	n/a

References (7)

https://vuldb.com/?id.328774
https://vuldb.com/?ctiid.328774
https://vuldb.com/?submit.661279
https://sourceware.org/bugzilla/show_bug.cgi?id=33448
https://sourceware.org/bugzilla/attachment.cgi?id=16344
https://www.gnu.org/
https://sourceware.org/bugzilla/show_bug.cgi?id=33448

Credits (1)

2 JJLeo (VulDB User)