CVE-2025-1149 | GNU Binutils 2.43 ld libiberty/xmalloc.c xstrdup memory leak

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak.

This vulnerability is uniquely identified as CVE-2025-1149. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The code maintainer explains: “I’m not going to commit some of the leak fixes I’ve been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master.”

It is recommended to apply a patch to fix this issue.

CVE-2025-1149 | GNU Binutils 2.43 ld libiberty/xmalloc.c xstrdup memory leak

Post correlati

CVE-2024-11588 | AVL-DiTEST-DiagDev libdoip 1.0.0 DoIPConnection.cpp reactOnReceivedTcpMessage null pointer dereference

CVE-2023-4637 | WPvivid Plugin up to 0.9.94 on WordPress authorization

CVE-2024-47532 | zopefoundation RestrictedPython up to 7.2 RestrictedPython.Utilities.utility_builtins information disclosure

CVE-2023-49851 | Square Thumbnails Plugin up to 1.1.0 on WordPress authorization