[CLSA-2026:1779266445] binutils: Fix of 4 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-20 08:40:50 UTC
Description:
- CVE-2026-3441: XCOFF linker XTY_LD x_scnlen out-of-bounds read - CVE-2026-3442: XCOFF linker r_symndx out-of-bounds read in obj_xcoff_sym_hashes - CVE-2025-7545: objcopy heap buffer overflow on --interleave with crafted small input - CVE-2025-5245: objdump SEGV / NULL deref in debug_type_samep and debug_write_type
Updated packages:
  • binutils-2.35.2-37.el9.tuxcare.els12.i686.rpm
    sha:9aad2c71ad118350aa2edf68b6444f057e60c64228f91273384cd98271e2931f
  • binutils-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:6b48007b7566e5f54defed6112c52a16638c70bdcf3400139382e18d2223f8eb
  • binutils-devel-2.35.2-37.el9.tuxcare.els12.i686.rpm
    sha:f4ca6b6deebdface81f2f0375811786e119da6421f281e7c24267929bdcafd19
  • binutils-devel-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:4e040c6706dfae17d4009a3de407ee607d5762ada2b471e796f8cf0f808556a2
  • binutils-gold-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:51b861bc285c7cb1060ada98b8c832198bb1b9e8ff50aa044f6267f15ca847b1
  • cross-binutils-aarch64-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:abfb359ea499772a460ec92c9ff0ed5cb48c1dbbb14fd42c98c78b30d1791976
  • cross-binutils-ppc64le-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:a7d602ccaef51a668ee7fc34a3eafffc4a6fc5b5645321dd8e82a27ccc023fa9
  • cross-binutils-s390x-2.35.2-37.el9.tuxcare.els12.x86_64.rpm
    sha:51e3b94a7780ac5cbe49cfeeffd8714aad41902d1eb600b069cb7809e35d0da2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.