Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-11413
CVE-2025-11413:
Linux Debian vulnerability analysis and mitigation
Overview
A vulnerability was discovered in GNU Binutils version 2.45, specifically affecting the function elflinkaddobjectsymbols in the bfd/elflink.c component of the Linker. The vulnerability was disclosed on October 7, 2025, and requires local access for exploitation (NVD).
Technical details
The vulnerability is classified as an out-of-bounds read issue in the Linker component. It has received a CVSS v4.0 score of 4.8 (Medium) and a CVSS v3.1 score of 3.3 (Low). The technical assessment indicates that the vulnerability requires local access and low attack complexity for exploitation (NVD, VulDB).
Impact
The vulnerability's impact is primarily focused on availability, with no direct impact on confidentiality or integrity. The out-of-bounds read condition could potentially lead to program crashes or denial of service scenarios when processing specially crafted input (NVD).
Mitigation and workarounds
The vulnerability has been addressed in GNU Binutils version 2.46. A specific patch has been identified with the commit hash 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Users are advised to upgrade to the fixed version (NVD).
Additional resources
Source: This report was generated using AI
Related Linux Debian vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management