{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-8224","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-07-26T12:56:14.737Z","datePublished":"2025-07-27T05:32:06.926Z","dateUpdated":"2026-05-12T12:02:37.322Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-07-27T05:32:06.926Z"},"title":"GNU Binutils BFD Library elf.c bfd_elf_get_str_section null pointer dereference","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-476","lang":"en","description":"NULL Pointer Dereference"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-404","lang":"en","description":"Denial of Service"}]}],"affected":[{"vendor":"GNU","product":"Binutils","versions":[{"version":"2.44","status":"affected"}],"modules":["BFD Library"]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue."},{"lang":"de","value":"In GNU Binutils 2.44 wurde eine problematische Schwachstelle gefunden. Betroffen ist die Funktion bfd_elf_get_str_section der Datei bfd/elf.c der Komponente BFD Library. Dank der Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung. Der Patch wird als db856d41004301b3a56438efd957ef5cabb91530 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":1.7,"vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"}}],"timeline":[{"time":"2025-07-26T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-07-26T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-07-26T15:01:30.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"arthurx (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.317812","name":"VDB-317812 | GNU Binutils BFD Library elf.c bfd_elf_get_str_section null pointer dereference","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.317812","name":"VDB-317812 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.621878","name":"Submit #621878 | GNU binutils--gdb 2.44 NULL Pointer Dereference","tags":["third-party-advisory"]},{"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=32109","tags":["issue-tracking"]},{"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=32109#c2","tags":["issue-tracking"]},{"url":"https://sourceware.org/bugzilla/attachment.cgi?id=15680","tags":["exploit"]},{"url":"https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db856d41004301b3a56438efd957ef5cabb91530","tags":["patch"]},{"url":"https://www.gnu.org/","tags":["product"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-28T16:59:03.296958Z","id":"CVE-2025-8224","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-28T16:59:22.821Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:02:37.322Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"}]}]}}