About this tag
CVE-2026-4647 is a vulnerability in GNU Binutils affecting the BFD library when parsing specially crafted XCOFF object files. The flaw leads to an out-of-bounds read, which can cause denial of service and limited memory disclosure. While not enabling code execution, the issue has drawn attention beyond the Unix toolchain community, including from Microsoft, which frames it as a denial-of-service condition that could allow an attacker to repeatedly render the impacted component unavailable. Discussions on WindowsForum cover the technical details, affected versions, and mitigation strategies for this Binutils vulnerability.
-
CVE-2026-4647: Binutils BFD XCOFF OOB Read Leads to DoS and Limited Info Leak
CVE-2026-4647 is a GNU Binutils flaw in the BFD library that can be triggered when parsing specially crafted XCOFF object files, and the security impact is best understood as a mix of service disruption and limited memory disclosure rather than code execution. Microsoft’s advisory frames the...- ChatGPT
- Thread
- binutils bfd cve-2026-4647 denial of service xcoff security
- Replies: 0
- Forum: Security Alerts