{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "CVE-2025-66862: fix buffer overflow in gnu_special cplus-dem.c\n- CVE-2025-66863: fix denial of service in d_discriminator cp-demangle.c\n- CVE-2025-66865: fix denial of service in d_print_comp_inner cp-demangle.c", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/cloudlinux7els/advisories/2026/clsa-2026_1777727587.json" } ], "tracking": { "current_release_date": "2026-05-11T11:03:46Z", "generator": { "date": "2026-05-11T11:03:46Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1777727587", "initial_release_date": "2026-05-02T13:13:10Z", "revision_history": [ { "date": "2026-05-02T13:13:10Z", "number": "1", "summary": "Initial version" }, { "date": "2026-05-11T11:03:46Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "binutils: Fix of 3 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "CloudLinux 7", "product": { "name": "CloudLinux 7", "product_id": "CloudLinux-7", "product_identification_helper": { "cpe": "cpe:2.3:o:cloudlinux:cloudlinux:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "CloudLinux" } ], "category": "vendor", "name": "Cloud Linux Software, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els6?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product_id": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils@2.27-44.base.el7_9.1.tuxcare.els6?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product_id": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils@2.27-44.base.el7_9.1.tuxcare.els5?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product_id": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils@2.27-44.base.el7_9.1.tuxcare.els4?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els4?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product_id": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils@2.27-44.base.el7_9.1.tuxcare.els2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els6?arch=i686" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els5?arch=i686" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els4?arch=i686" } } }, { "category": "product_version", "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "product": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "product_id": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/binutils-devel@2.27-44.base.el7_9.1.tuxcare.els2?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" }, "product_reference": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" }, "product_reference": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64" }, "product_reference": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686" }, "product_reference": "binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "relates_to_product_reference": "CloudLinux-7" }, { "category": "default_component_of", "full_product_name": { "name": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64 as a component of CloudLinux 7", "product_id": "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64" }, "product_reference": "binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "relates_to_product_reference": "CloudLinux-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-66863", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-66863" } ], "release_date": "2025-12-29T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-12-29T00:00:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2022-47695", "notes": [ { "category": "description", "text": "An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-47695" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=29846", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29846" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-25584", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-25584" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2023-25584", "url": "https://access.redhat.com/security/cve/CVE-2023-25584" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2167467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167467" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20231103-0002/", "url": "https://security.netapp.com/advisory/ntap-20231103-0002/" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44" } ], "release_date": "2023-09-14T21:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-09-14T21:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-66862", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-66862" } ], "release_date": "2025-12-29T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-12-29T00:00:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2021-45078", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-45078" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-30", "url": "https://security.gentoo.org/glsa/202208-30" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20220107-0002/", "url": "https://security.netapp.com/advisory/ntap-20220107-0002/" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=28694", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28694" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02" } ], "release_date": "2021-12-15T20:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2021-12-15T20:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-7545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-7545" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/attachment.cgi?id=16117", "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16117" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33049", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33049" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944" }, { "category": "external", "summary": "https://vuldb.com/?ctiid.316243", "url": "https://vuldb.com/?ctiid.316243" }, { "category": "external", "summary": "https://vuldb.com/?id.316243", "url": "https://vuldb.com/?id.316243" }, { "category": "external", "summary": "https://vuldb.com/?submit.614355", "url": "https://vuldb.com/?submit.614355" }, { "category": "external", "summary": "https://www.gnu.org/", "url": "https://www.gnu.org/" } ], "release_date": "2025-07-13T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-07-13T22:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-47696", "notes": [ { "category": "description", "text": "An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-47696" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=29677", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29677" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-44840", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-44840" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=29732", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29732" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-11082", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with \"[f]ixed for 2.46\".", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-11082" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/attachment.cgi?id=16358", "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16358" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33464", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33464" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33464#c2", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33464#c2" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea1a0737c7692737a644af0486b71e4a392cbca8", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea1a0737c7692737a644af0486b71e4a392cbca8" }, { "category": "external", "summary": "https://vuldb.com/?ctiid.326123", "url": "https://vuldb.com/?ctiid.326123" }, { "category": "external", "summary": "https://vuldb.com/?id.326123", "url": "https://vuldb.com/?id.326123" }, { "category": "external", "summary": "https://vuldb.com/?submit.661276", "url": "https://vuldb.com/?submit.661276" }, { "category": "external", "summary": "https://www.gnu.org/", "url": "https://www.gnu.org/" } ], "release_date": "2025-09-27T23:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-09-27T23:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-45703", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-45703" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20231006-0003/", "url": "https://security.netapp.com/advisory/ntap-20231006-0003/" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=29799", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29799" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-66865", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-66865" } ], "release_date": "2025-12-29T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-12-29T00:00:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ] }, { "cve": "CVE-2025-5244", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-5244" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/attachment.cgi?id=16010", "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16010" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=32858", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32858" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5" }, { "category": "external", "summary": "https://vuldb.com/?ctiid.310346", "url": "https://vuldb.com/?ctiid.310346" }, { "category": "external", "summary": "https://vuldb.com/?id.310346", "url": "https://vuldb.com/?id.310346" }, { "category": "external", "summary": "https://vuldb.com/?submit.584634", "url": "https://vuldb.com/?submit.584634" }, { "category": "external", "summary": "https://www.gnu.org/", "url": "https://www.gnu.org/" } ], "release_date": "2025-05-27T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-05-27T13:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-42574", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code ('Code Injection')" }, "notes": [ { "category": "description", "text": "An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-42574" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/11/01/1", "url": "http://www.openwall.com/lists/oss-security/2021/11/01/1" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/11/01/4", "url": "http://www.openwall.com/lists/oss-security/2021/11/01/4" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/11/01/5", "url": "http://www.openwall.com/lists/oss-security/2021/11/01/5" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/11/01/6", "url": "http://www.openwall.com/lists/oss-security/2021/11/01/6" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/11/02/10", "url": "http://www.openwall.com/lists/oss-security/2021/11/02/10" }, { "category": "external", "summary": "http://www.unicode.org/versions/Unicode14.0.0/", "url": "http://www.unicode.org/versions/Unicode14.0.0/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202210-09", "url": "https://security.gentoo.org/glsa/202210-09" }, { "category": "external", "summary": "https://trojansource.codes", "url": "https://trojansource.codes/" }, { "category": "external", "summary": "https://www.kb.cert.org/vuls/id/999008", "url": "https://www.kb.cert.org/vuls/id/999008" }, { "category": "external", "summary": "https://www.scyon.nl/post/trojans-in-your-source-code", "url": "https://www.scyon.nl/post/trojans-in-your-source-code" }, { "category": "external", "summary": "https://www.starwindsoftware.com/security/sw-20220804-0002/", "url": "https://www.starwindsoftware.com/security/sw-20220804-0002/" }, { "category": "external", "summary": "https://www.unicode.org/reports/tr31/", "url": "https://www.unicode.org/reports/tr31/" }, { "category": "external", "summary": "https://www.unicode.org/reports/tr36/", "url": "https://www.unicode.org/reports/tr36/" }, { "category": "external", "summary": "https://www.unicode.org/reports/tr39/", "url": "https://www.unicode.org/reports/tr39/" }, { "category": "external", "summary": "https://www.unicode.org/reports/tr9/tr9-44.html#HL4", "url": "https://www.unicode.org/reports/tr9/tr9-44.html#HL4" } ], "release_date": "2021-11-01T04:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2021-11-01T04:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-46174", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-46174" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=28753", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28753" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-47673", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-47673" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=29876", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29876" } ], "release_date": "2023-08-22T19:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2023-08-22T19:16:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-5245", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "description", "text": "A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "known_affected": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-5245" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/attachment.cgi?id=16004", "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16004" }, { "category": "external", "summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=32829", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32829" }, { "category": "external", "summary": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a", "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a" }, { "category": "external", "summary": "https://vuldb.com/?ctiid.310347", "url": "https://vuldb.com/?ctiid.310347" }, { "category": "external", "summary": "https://vuldb.com/?id.310347", "url": "https://vuldb.com/?id.310347" }, { "category": "external", "summary": "https://vuldb.com/?submit.584635", "url": "https://vuldb.com/?submit.584635" }, { "category": "external", "summary": "https://www.gnu.org/", "url": "https://www.gnu.org/" } ], "release_date": "2025-05-27T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-05-02T13:13:10.656498Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777727587" }, { "category": "none_available", "date": "2025-05-27T15:15:00Z", "details": "Affected", "product_ids": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els2.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els4.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els5.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CloudLinux-7:binutils-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.i686", "CloudLinux-7:binutils-devel-0:2.27-44.base.el7_9.1.tuxcare.els6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }