cvedb.io
CVE-2025-69648
MEDIUM · CVSS 6.2
EPSS exploitation probability: 0%
Published 2026-03-09T15:15:52.210 · Last modified 2026-06-17T10:00:48.217

Summary

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.

Affected products

gnu — binutils

Does this affect you?

Add your gear to cvedb and we'll alert you only when gnu ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.