Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu 18.04 & 16.04: USN-7423-2 critical: binutils execution flaws

ubuntu
Calendar Grey April 29, 2025
Dist Ubuntu Esm H88
Several vulnerabilities identified in GNU binutils for Ubuntu have been resolved with updates that affect LTS versions.
Several security issues were fixed in GNU binutils.

Summary

Several security issues were fixed in GNU binutils.

Software Description:

- binutils: GNU assembler, linker and binary utilities

Details:

USN-7423-1 fixed several vulnerabilities in GNU. This update provides

the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that GNU binutils incorrectly handled certain inputs.

An attacker could possibly use this issue to cause a crash or execute

arbitrary code. (CVE-2025-0840)

It was discovered that GNU binutils incorrectly handled certain inputs.

An attacker could possibly use this issue to cause a crash, expose

sensitive information or execute arbitrary code.

(CVE-2025-1153)

It was discovered that ld in GNU binutils incorrectly handled certain

files. An attacker could possibly use this issue to execute arbitrary

code. (CVE-2025-1176)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  binutils                        2.30-21ubuntu1~18.04.9+esm4
                                  Available with Ubuntu Pro
  binutils-multiarch              2.30-21ubuntu1~18.04.9+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  binutils                        2.26.1-1ubuntu1~16.04.8+esm11
                                  Available with Ubuntu Pro
  binutils-multiarch              2.26.1-1ubuntu1~16.04.8+esm11
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7423-2

https://ubuntu.com/security/notices/USN-7423-1

CVE-2025-0840, CVE-2025-1153, CVE-2025-1176

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7423-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here