Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 25.10: GNU Binutils Critical Denial of Service USN-7919-1

ubuntu
Calendar Grey December 10, 2025
Dist Ubuntu Esm H88
Multiple security flaws in GNU binutils addressed in Ubuntu releases for potential code execution and DoS risks.
Several security issues were fixed in GNU binutils.

Summary

Several security issues were fixed in GNU binutils.

Software Description:

- binutils: GNU assembler, linker and binary utilities

Details:

It was discovered that GNU binutils' dump_dwarf_section function could be

manipulated to perform an out-of-bounds read. A local attacker could

possibly use this issue to cause GNU binutils to crash, resulting in a

denial of service. This issue only affected Ubuntu 25.10. (CVE-2025-11081)

It was discovered that GNU binutils incorrectly handled certain files. A

local attacker could possibly use this issue to cause a crash or execute

arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04

LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 25.10.

(CVE-2025-11082)

It was discovered that GNU binutils incorrectly handled certain inputs. A

local attacker could possibly use this issue to cause a crash or execute

arbitrary code. This issue was only fixed in Ubuntu 25.10.

(CVE-2025-11083)

It was discovered that certain GNU binutils fu...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  binutils                        2.45-7ubuntu1.2
  binutils-multiarch              2.45-7ubuntu1.2

Ubuntu 25.04
  binutils                        2.44-3ubuntu1.3
  binutils-multiarch              2.44-3ubuntu1.3

Ubuntu 24.04 LTS
  binutils                        2.42-4ubuntu2.8
  binutils-multiarch              2.42-4ubuntu2.8

Ubuntu 22.04 LTS
  binutils                        2.38-4ubuntu2.12
  binutils-multiarch              2.38-4ubuntu2.12

Ubuntu 20.04 LTS
  binutils                        2.34-6ubuntu1.11+esm2
                                  Available with Ubuntu Pro
  binutils-multiarch              2.34-6ubuntu1.11+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  binutils                        2.30-21ubuntu1~18.04.9+esm13
                                  Available with Ubuntu Pro
  binutils-multiarch              2.30-21ubuntu1~18.04.9+esm13
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  binutils                        2.26.1-1ubuntu1~16.04.8+esm14
                                  Available with Ubuntu Pro
  binutils-multiarch              2.26.1-1ubuntu1~16.04.8+esm14
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  binutils                        2.24-5ubuntu14.2+esm8
                                  Available with Ubuntu Pro
  binutils-multiarch              2.24-5ubuntu14.2+esm8
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7919-1

CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-11412,

CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7919-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here