Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 18.04 & 16.04: USN-7423-2 critical: binutils execution flaws

Calendar Apr 29, 2025 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory DoS Ubuntu arbitrary code binutils sensitive information
Several security issues were fixed in GNU binutils. 
==========================================================================
Ubuntu Security Notice USN-7423-2
April 29, 2025

binutils vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in GNU binutils.

Software Description:
- binutils: GNU assembler, linker and binary utilities

Details:

USN-7423-1 fixed several vulnerabilities in GNU. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

 It was discovered that GNU binutils incorrectly handled certain inputs.
 An attacker could possibly use this issue to cause a crash or execute
 arbitrary code. (CVE-2025-0840)

 It was discovered that GNU binutils incorrectly handled certain inputs.
 An attacker could possibly use this issue to cause a crash, expose
 sensitive information or execute arbitrary code.
 (CVE-2025-1153)

 It was discovered that ld in GNU binutils incorrectly handled certain
 files. An attacker could possibly use this issue to execute arbitrary
 code. (CVE-2025-1176)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  binutils                        2.30-21ubuntu1~18.04.9+esm4
                                  Available with Ubuntu Pro
  binutils-multiarch              2.30-21ubuntu1~18.04.9+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  binutils                        2.26.1-1ubuntu1~16.04.8+esm11
                                  Available with Ubuntu Pro
  binutils-multiarch              2.26.1-1ubuntu1~16.04.8+esm11
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7423-2
  https://ubuntu.com/security/notices/USN-7423-1
  CVE-2025-0840, CVE-2025-1153, CVE-2025-1176

Ubuntu 18.04 & 16.04: USN-7423-2 critical: binutils execution flaws

ubuntu
Calendar Grey April 29, 2025
Dist Ubuntu Esm H88
Several vulnerabilities identified in GNU binutils for Ubuntu have been resolved with updates that affect LTS versions.
Several security issues were fixed in GNU binutils.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in GNU binutils. Software Description: - binutils: GNU assembler, linker and binary utilities Details: USN-7423-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2025-0840) It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. (CVE-2025-1153) It was discovered that ld in GNU binutils incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2025-1176)

Topics%20covered

Topics Covered

security advisory DoS Ubuntu arbitrary code binutils sensitive information

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS binutils 2.30-21ubuntu1~18.04.9+esm4 Available with Ubuntu Pro binutils-multiarch 2.30-21ubuntu1~18.04.9+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS binutils 2.26.1-1ubuntu1~16.04.8+esm11 Available with Ubuntu Pro binutils-multiarch 2.26.1-1ubuntu1~16.04.8+esm11 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7423-2

https://ubuntu.com/security/notices/USN-7423-1

CVE-2025-0840, CVE-2025-1153, CVE-2025-1176

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7423-2

Topics%20covered

Topics Covered

security advisory DoS Ubuntu arbitrary code binutils sensitive information

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here