Packages
- binutils - GNU assembler, linker and binary utilities
Details
It was discovered that GNU binutils' dump_dwarf_section function could be
manipulated to perform an out-of-bounds read. A local attacker could
possibly use this issue to cause GNU binutils to crash, resulting in a
denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-11081)
It was discovered that GNU binutils incorrectly handled certain files. A
local attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 25.10.
(CVE-2025-11082)
It was discovered that GNU binutils incorrectly handled certain inputs. A
local attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue was only fixed in Ubuntu 25.10.
(CVE-2025-11083)
It was...
It was discovered that GNU binutils' dump_dwarf_section function could be
manipulated to perform an out-of-bounds read. A local attacker could
possibly use this issue to cause GNU binutils to crash, resulting in a
denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-11081)
It was discovered that GNU binutils incorrectly handled certain files. A
local attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 25.10.
(CVE-2025-11082)
It was discovered that GNU binutils incorrectly handled certain inputs. A
local attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue was only fixed in Ubuntu 25.10.
(CVE-2025-11083)
It was discovered that certain GNU binutils functions could be manipulated
to perform out-of-bounds reads. A local attacker could possibly use this
issue to cause GNU binutils to crash, resulting in a denial of service.
(CVE-2025-11412, CVE-2025-11413, CVE-2025-11414)
It was discovered that GNU binutils' _bfd_x86_elf_late_size_sections
function could be manipulated to perform an out-of-bounds read. A local
attacker could possibly use this issue to cause GNU binutils to crash,
resulting in a denial of service. This issue only affected Ubuntu 18.04
LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04,
and Ubuntu 25.10. (CVE-2025-11494)
It was discovered that GNU binutils' elf_x86_64_relocate_section function
could be manipulated to cause a heap-based buffer overflow. A local
attacker could possibly use this issue to cause GNU binutils to crash,
resulting in a denial of service. This issue was only fixed in Ubuntu
25.04 and Ubuntu 25.10. (CVE-2025-11495)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 25.10 questing | binutils – 2.45-7ubuntu1.2 | ||
| binutils-multiarch – 2.45-7ubuntu1.2 | |||
| 25.04 plucky | binutils – 2.44-3ubuntu1.3 | ||
| binutils-multiarch – 2.44-3ubuntu1.3 | |||
| 24.04 LTS noble | binutils – 2.42-4ubuntu2.8 | ||
| binutils-multiarch – 2.42-4ubuntu2.8 | |||
| 22.04 LTS jammy | binutils – 2.38-4ubuntu2.12 | ||
| binutils-multiarch – 2.38-4ubuntu2.12 | |||
| 20.04 LTS focal | binutils – 2.34-6ubuntu1.11+esm2 | ||
| binutils-multiarch – 2.34-6ubuntu1.11+esm2 | |||
| 18.04 LTS bionic | binutils – 2.30-21ubuntu1~18.04.9+esm13 | ||
| binutils-multiarch – 2.30-21ubuntu1~18.04.9+esm13 | |||
| 16.04 LTS xenial | binutils – 2.26.1-1ubuntu1~16.04.8+esm14 | ||
| binutils-multiarch – 2.26.1-1ubuntu1~16.04.8+esm14 | |||
| 14.04 LTS trusty | binutils – 2.24-5ubuntu14.2+esm8 | ||
| binutils-multiarch – 2.24-5ubuntu14.2+esm8 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.