vulnerability

Ubuntu: USN-7899-1 (CVE-2025-11839): GNU binutils vulnerabilities

Try Surface Command
Back to search
Severity
2
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:P)
Published
Oct 16, 2025
Added
Dec 2, 2025
Modified
Dec 3, 2025

Description

It was discovered that GNU binutils could be forced to perform an out-
of-bounds read in certain instances. An attacker with local access to
a system could possibly use this issue to cause a denial of service.
(CVE-2025-11839, CVE-2025-11840)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04
LTS, and Ubuntu 20.04 LTS. (CVE-2025-8225)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 14.04 LTS,
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2025-5244, CVE-2025-5245)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-3198)

It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash. This issue
only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS.
(CVE-2025-1182)

It was discovered that ld in GNU binutils incorrectly handled certain
files. An attacker could possibly use this issue to cause a crash,
expose sensitive information or execute arbitrary code. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2025-1181)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash, expose
sensitive information or execute arbitrary code. This issue only
affected Ubuntu 25.04. (CVE-2025-1153)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2025-0840)

Solutions

ubuntu-pro-upgrade-binutilsubuntu-pro-upgrade-binutils-multiarch

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today