GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.
CVE-2025-69648
NONE
EPSS 0.02%
Updated Mar 09, 2026
GNU
CVE Details
CVE ID
CVE-2025-69648
Published Date
Mar 09, 2026
Vendor
GNU
Severity
NONE
Exploit Prediction (EPSS)
Probability of Exploit
0.02%
Likelihood of exploitation in next 30 days
Percentile:
6.1th percentile (higher than 6.1% of all CVEs)
Standard patching cycle
Impact
Minimal impact
Source
View Advisory