Packages
- binutils - GNU assembler, linker and binary utilities
Details
It was discovered that GNU binutils could be forced to perform an out-
of-bounds read in certain instances. An attacker with local access to
a system could possibly use this issue to cause a denial of service.
(CVE-2025-11839, CVE-2025-11840)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04
LTS, and Ubuntu 20.04 LTS. (CVE-2025-8225)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 14.04 LTS,
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2025-5244,
It was discovered that GNU binutils could be forced to perform an out-
of-bounds read in certain instances. An attacker with local access to
a system could possibly use this issue to cause a denial of service.
(CVE-2025-11839, CVE-2025-11840)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04
LTS, and Ubuntu 20.04 LTS. (CVE-2025-8225)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. This issue only affected Ubuntu 14.04 LTS,
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2025-5244, CVE-2025-5245)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-3198)
It was discovered that GNU binutils incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash. This issue
only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS.
(CVE-2025-1182)
It was discovered that ld in GNU binutils incorrectly handled certain
files. An attacker could possibly use this issue to cause a crash,
expose sensitive information or execute arbitrary code. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2025-1181)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash, expose
sensitive information or execute arbitrary code. This issue only
affected Ubuntu 25.04. (CVE-2025-1153)
It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2025-0840)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 25.10 questing | binutils – 2.45-7ubuntu1.1 | ||
| binutils-multiarch – 2.45-7ubuntu1.1 | |||
| 25.04 plucky | binutils – 2.44-3ubuntu1.2 | ||
| binutils-multiarch – 2.44-3ubuntu1.2 | |||
| 24.04 LTS noble | binutils – 2.42-4ubuntu2.7 | ||
| binutils-multiarch – 2.42-4ubuntu2.7 | |||
| 22.04 LTS jammy | binutils – 2.38-4ubuntu2.11 | ||
| binutils-multiarch – 2.38-4ubuntu2.11 | |||
| 20.04 LTS focal | binutils – 2.34-6ubuntu1.11+esm1 | ||
| binutils-multiarch – 2.34-6ubuntu1.11+esm1 | |||
| 18.04 LTS bionic | binutils – 2.30-21ubuntu1~18.04.9+esm5 | ||
| binutils-multiarch – 2.30-21ubuntu1~18.04.9+esm5 | |||
| 16.04 LTS xenial | binutils – 2.26.1-1ubuntu1~16.04.8+esm13 | ||
| binutils-multiarch – 2.26.1-1ubuntu1~16.04.8+esm13 | |||
| 14.04 LTS trusty | binutils – 2.24-5ubuntu14.2+esm7 | ||
| binutils-multiarch – 2.24-5ubuntu14.2+esm7 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
- CVE-2025-8225
- CVE-2025-7545
- CVE-2025-5245
- CVE-2025-5244
- CVE-2025-3198
- CVE-2025-11840
- CVE-2025-11839
- CVE-2025-1182
- CVE-2025-1181
- CVE-2025-1153
- CVE-2025-8225
- CVE-2025-7545
- CVE-2025-5245
- CVE-2025-5244
- CVE-2025-3198
- CVE-2025-11840
- CVE-2025-11839
- CVE-2025-1182
- CVE-2025-1181
- CVE-2025-1153
- CVE-2025-0840