{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-11839", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-10-16T08:31:52.156Z", "datePublished": "2025-10-16T14:02:13.689Z", "dateUpdated": "2025-10-16T14:15:03.591Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-10-16T14:02:13.689Z"}, "title": "GNU Binutils prdbg.c tg_tag_type return value", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-252", "lang": "en", "description": "Unchecked Return Value"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-253", "lang": "en", "description": "Incorrect Check of Function Return Value"}]}], "affected": [{"vendor": "GNU", "product": "Binutils", "versions": [{"version": "2.45", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited."}, {"lang": "de", "value": "In GNU Binutils 2.45 wurde eine Schwachstelle gefunden. Hierbei betrifft es die Funktion tg_tag_type der Datei prdbg.c. Die Ver\u00e4nderung resultiert in unchecked return value. Der Angriff muss lokal angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-10-16T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-10-16T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-10-16T10:36:58.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "JJLeo (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.328774", "name": "VDB-328774 | GNU Binutils prdbg.c tg_tag_type return value", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.328774", "name": "VDB-328774 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.661279", "name": "Submit #661279 | GNU Binutils 2.45 Unexpected Status Code or Return Value", "tags": ["third-party-advisory"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448", "tags": ["issue-tracking"]}, {"url": "https://sourceware.org/bugzilla/attachment.cgi?id=16344", "tags": ["exploit"]}, {"url": "https://www.gnu.org/", "tags": ["product"]}], "tags": ["x_open-source"]}, "adp": [{"references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-16T14:14:58.421856Z", "id": "CVE-2025-11839", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-16T14:15:03.591Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11839", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-16T14:14:58.421856Z"}}}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-16T14:14:50.292Z"}}], "cna": {"tags": ["x_open-source"], "title": "GNU Binutils prdbg.c tg_tag_type return value", "credits": [{"lang": "en", "type": "reporter", "value": "JJLeo (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "GNU", "product": "Binutils", "versions": [{"status": "affected", "version": "2.45"}]}], "timeline": [{"lang": "en", "time": "2025-10-16T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-10-16T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-10-16T10:36:58.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.328774", "name": "VDB-328774 | GNU Binutils prdbg.c tg_tag_type return value", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.328774", "name": "VDB-328774 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.661279", "name": "Submit #661279 | GNU Binutils 2.45 Unexpected Status Code or Return Value", "tags": ["third-party-advisory"]}, {"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448", "tags": ["issue-tracking"]}, {"url": "https://sourceware.org/bugzilla/attachment.cgi?id=16344", "tags": ["exploit"]}, {"url": "https://www.gnu.org/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited."}, {"lang": "de", "value": "In GNU Binutils 2.45 wurde eine Schwachstelle gefunden. Hierbei betrifft es die Funktion tg_tag_type der Datei prdbg.c. Die Ver\u00e4nderung resultiert in unchecked return value. Der Angriff muss lokal angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-252", "description": "Unchecked Return Value"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-253", "description": "Incorrect Check of Function Return Value"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-10-16T14:02:13.689Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11839", "state": "PUBLISHED", "dateUpdated": "2025-10-16T14:15:03.591Z", "dateReserved": "2025-10-16T08:31:52.156Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-10-16T14:02:13.689Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited."}], "id": "CVE-2025-11839", "lastModified": "2025-10-16T15:28:59.610", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-10-16T14:15:34.860", "references": [{"source": "cna@vuldb.com", "url": "https://sourceware.org/bugzilla/attachment.cgi?id=16344"}, {"source": "cna@vuldb.com", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.328774"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.328774"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.661279"}, {"source": "cna@vuldb.com", "url": "https://www.gnu.org/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33448"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-252"}, {"lang": "en", "value": "CWE-253"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}

{}