Heap-based Buffer Overflow
CVE-2025-11495
Summary
A vulnerability was found in GNU Binutils versions through 2.45. It affects the function "elf_x86_64_relocate_section()" in the file "elf64-x86-64.c" of the Linker component. The manipulation leads to a heap-based buffer overflow. The attack can only be carried out locally. The exploit has been publicly disclosed and may be used.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
CWE-122 - Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Advisory Timeline
- Published