Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu 22.04: Resolving Serious Memory Leak in mingw-w64-runtime

fedora
Calendar Grey October 19, 2025
Scroller Fedora
Critical backport fixes for mingw-binutils address multiple heap-based overflow threats in Fedora 42.
Backport fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494, CVE-2025-11495.

Summary

Cross compiled binutils (utilities like 'strip', 'as', 'ld') which

understand Windows executables and DLLs.

Update Information:

Backport fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494, CVE-2025-11495.

Change Log

* Fri Oct 10 2025 Sandro Mani - 2.43.1-5 - Backport fixes for CVE-2025-11494, CVE-2025-11495, CVE-2025-11082, CVE-2025-11083

References


[ 1 ] Bug #2400354 - CVE-2025-11083 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2400354 [ 2 ] Bug #2400358 - CVE-2025-11082 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2400358 [ 3 ] Bug #2402845 - CVE-2025-11495 mingw-binutils: GNU Binutils Linker heap-based overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2402845 [ 4 ] Bug #2402848 - CVE-2025-11494 mingw-binutils: GNU Binutils Linker out-of-bounds read [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2402848

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-10c80b93e9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: mingw-binutils
Product: Fedora 42
Version: 2.43.1
Release: 5.fc42
Summary: Cross-compiled version of binutils for Win32 and Win64 environments

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.