GNU Binutils through 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.
CVE-2025-69647
NONE
EPSS 0.02%
Updated Mar 09, 2026
GNU
CVE Details
CVE ID: CVE-2025-69647
Published Date: Mar 09, 2026
Vendor: GNU
Severity: NONE
Exploit Prediction (EPSS)
Probability of Exploit: 0.02% (likelihood of exploitation in next 30 days)
Percentile: 6.5th percentile (higher than 6.5% of all CVEs)
Standard patching cycle
Impact: Minimal impact