Description
A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the `readelf` utility becoming unresponsive or crashing, leading to a denial of service.
Published: 2026-04-22
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Use Alternative
AI Analysis

Impact

The binutils `readelf` utility can be misused by a local attacker who supplies a carefully crafted ELF file. One weakness causes an out-of-memory condition, while the other leads to a null-pointer dereference and a segmentation fault. Either path can crash or hang the utility, resulting in a denial of service for any process that relies on `readelf`.

Affected Systems

The vulnerability affects Red Hat Enterprise Linux 7, 8, 9 and 10, the Red Hat Hardened Images, and the Red Hat OpenShift Container Platform 4. The binutils package is the impacted component. Specific release or patch information is not listed, so any existing installation that has not yet applied an update could be susceptible.

Risk and Exploitability

The CVSS score of 5.5 places this flaw in the medium severity range, and the EPSS score is currently unavailable. It is not in the CISA KEV catalog. Because the vulnerability requires the attacker to have local access to a system and to supply a malicious ELF file, the threat is confined to local exploitation. However, the denial of service can disrupt services or routine system administration that uses `readelf`, potentially impacting availability of dependent tools or scripts.

Generated by OpenCVE AI on April 22, 2026 at 10:51 UTC.

Remediation

Vendor Workaround

To mitigate this vulnerability, users should avoid using the `readelf` utility on untrusted or suspicious ELF files. Processing a specially crafted ELF file with `readelf` can lead to a denial of service.


OpenCVE Recommended Actions

  • Avoid using `readelf` against untrusted or suspicious ELF files.
  • Update the binutils package to a version that contains the fix once Red Hat releases it.
  • Restrict permissions on directories containing ELF binaries or employ container or sandbox policies to prevent execution of the vulnerable utility on untrusted data.
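As an added example (not from the advisory, OpenCVE or binutils) of the sandbox-style containment the last item recommends, the following POSIX shell wrapper runs `readelf` under an address-space cap and a wall-clock limit, so a file that triggers the out-of-memory or segfault path is reported as rejected instead of taking down the pipeline. The wrapper's function names and the 256 MiB / 10 s limits are assumptions, as is the availability of GNU coreutils `timeout` and a shell whose `ulimit` supports `-v`.

```sh
# Added example, not part of the OpenCVE page or of binutils: a wrapper that bounds
# what a crafted ELF file can do to a readelf-based pipeline. The address-space cap
# contains the CWE-400 out-of-memory path, the wall-clock limit contains a hang, and a
# CWE-476 segfault becomes a "rejected file" verdict instead of a pipeline failure.
# Assumes a POSIX shell whose ulimit supports -v and GNU coreutils timeout(1).

READELF_MEM_KB=262144   # illustrative 256 MiB address-space cap, not vendor guidance
READELF_SECS=10         # illustrative wall-clock limit for one readelf run, in seconds

# run_bounded MEM_KB SECS CMD [ARGS...]
# Runs CMD in a subshell so the limits do not leak into the caller. Exit status:
# 0 success, 124 timed out, 128+N killed by signal N (139 = SIGSEGV), else tool error.
# Fails closed: if the memory cap cannot be applied, CMD is not run at all.
run_bounded() {
  mem_kb=$1; secs=$2; shift 2
  ( ulimit -v "$mem_kb" 2>/dev/null || exit 125; exec timeout "$secs" "$@" )
}

# classify_status STATUS: map an exit status to ok | timeout | crashed | error
classify_status() {
  case $1 in
    0)               echo ok ;;
    124)             echo timeout ;;
    129|1[3-5][0-9]) echo crashed ;;   # 128+N: the tool was killed by a signal
    *)               echo error ;;
  esac
}

# bounded_result MEM_KB SECS CMD [ARGS...]: run under limits and print the verdict
bounded_result() {
  rc=0
  run_bounded "$@" >/dev/null 2>&1 || rc=$?
  classify_status "$rc"
}

# safe_readelf FILE [READELF_OPTIONS...] (e.g. safe_readelf a.out -h): pipeline entry
# point. Output is forwarded only when readelf completed normally; otherwise the
# verdict goes to stderr and the function returns 1 so callers can skip the file.
safe_readelf() {
  elf=$1; shift
  rc=0
  out=$(run_bounded "$READELF_MEM_KB" "$READELF_SECS" readelf "$@" "$elf" 2>/dev/null) || rc=$?
  verdict=$(classify_status "$rc")
  if [ "$verdict" = ok ]; then
    printf '%s\n' "$out"
    return 0
  fi
  printf 'readelf rejected %s: %s (exit %s)\n' "$elf" "$verdict" "$rc" >&2
  return 1
}
```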

Generated by OpenCVE AI on April 22, 2026 at 10:51 UTC.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 12:15:00 +0000

Type                 Values Removed           Values Added
First Time appeared                           Redhat hardened Images; Redhat openshift Container Platform
Vendors & Products                            Redhat hardened Images; Redhat openshift Container Platform
References
Metrics              threat_severity: None    threat_severity: Moderate

Wed, 22 Apr 2026 09:00:00 +0000

Type                 Values Removed   Values Added
Description                           (identical to the Description at the top of this page)
Title                                 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files
First Time appeared                   Redhat; Redhat enterprise Linux; Redhat hummingbird; Redhat openshift
Weaknesses                            CWE-400
CPEs                                  cpe:/a:redhat:hummingbird:1; cpe:/a:redhat:openshift:4; cpe:/o:redhat:enterprise_linux:10; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
Vendors & Products                    Redhat; Redhat enterprise Linux; Redhat hummingbird; Redhat openshift
References
Metrics                               cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-22T08:37:09.794Z

Reserved: 2026-04-22T07:34:56.080Z

Link: CVE-2026-6844

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-22T09:16:27.140

Modified: 2026-04-22T09:16:27.140

Link: CVE-2026-6844

Redhat

Severity: Moderate

Public Date: 2026-04-13T00:00:00Z

Links: CVE-2026-6844 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-22T11:43:46Z

Weaknesses