CVE Catalog

CVE-2026-6845

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile - higher than 4% of all known CVEs

Summary

A flaw was found in binutils, specifically within the `readelf` utility, allowing a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted ELF file. Exploitation can lead to excessive resource consumption or a program crash, making the system unresponsive.

Risk Assessment

The risk for the organization involves potential disruption of system operations through local exploitation, leading to service availability issues or productivity loss when users process malicious ELF files.

Recommendation

It is recommended to immediately update the binutils package to the latest available version containing a fix for this vulnerability. Additionally, restrict processing of untrusted ELF files and apply the principle of least privilege for users.

Original NVD description (English source)

A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS