wid-sec-w-2026-0564 · Published 2026-03-02 · View on BSI CERT-Bund ↗

binutils (bfd linker): Multiple Vulnerabilities allow DoS and Offenlegung from Informationen

CVSS 6.1 MEDIUM

Risk Summary

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.

CVEs (2)

CVE-2026-3441 CVE-2026-3442

Affected Vendors

Open Source

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more