CVE-2025-1147: A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by...

CVSS Score: 3.1

Basic Information

EPSS Score: 0.43573%
Published: 2/10/2025
Updated: 4/5/2025
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Vulnerability Intelligence
Root Cause Analysis

The vulnerable function __sanitizer::internal_strlen and its file path binutils/nm.c were directly identified from the vulnerability description and confirmed by the Red Hat Bugzilla entry. The vulnerability is a buffer overflow related to the handling of an argument named 'const' within this function. Due to the lack of direct patch or commit information, the confidence is set to medium, as the analysis relies on textual descriptions of the vulnerability rather than code changes. The initial attempts to fetch detailed patch information from the provided URLs were unsuccessful either due to content restrictions (like the Anubis anti-bot measure on sourceware.org) or because the URLs did not directly point to commit/patch files (e.g., issue trackers).

CVE-2025-1147: Binutils nm Remote Buf Overflow | Miggo