csaf_microsoft - msrc

MSRC_CVE-2025-1152

Vulnerability from csaf_microsoft - Published: 2025-02-02 00:00 - Updated: 2025-09-03 23:21

Summary

GNU Binutils ld xstrdup.c xstrdup memory leak

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-1152.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "GNU Binutils ld xstrdup.c xstrdup memory leak",
    "tracking": {
      "current_release_date": "2025-09-03T23:21:22.000Z",
      "generator": {
        "date": "2025-10-20T02:58:29.049Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2025-1152",
      "initial_release_date": "2025-02-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-09-03T23:21:22.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "azl3 gcc 13.2.0-7",
                "product": {
                  "name": "azl3 gcc 13.2.0-7",
                  "product_id": "14"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 gcc 11.2.0-8",
                "product": {
                  "name": "cbl2 gcc 11.2.0-8",
                  "product_id": "10"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 gcc 11.2.0-8",
                "product": {
                  "name": "cbl2 gcc 11.2.0-8",
                  "product_id": "13"
                }
              }
            ],
            "category": "product_name",
            "name": "gcc"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "azl3 binutils 2.41-7",
                "product": {
                  "name": "azl3 binutils 2.41-7",
                  "product_id": "11"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 binutils 2.37-15",
                "product": {
                  "name": "cbl2 binutils 2.37-15",
                  "product_id": "6"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 binutils 2.37-16",
                "product": {
                  "name": "cbl2 binutils 2.37-16",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 binutils 2.37-17",
                "product": {
                  "name": "cbl2 binutils 2.37-17",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "binutils"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "azl3 crash 8.0.4-4",
                "product": {
                  "name": "azl3 crash 8.0.4-4",
                  "product_id": "12"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 crash 8.0.1-4",
                "product": {
                  "name": "cbl2 crash 8.0.1-4",
                  "product_id": "8"
                }
              }
            ],
            "category": "product_name",
            "name": "crash"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "azl3 gdb 13.2-4",
                "product": {
                  "name": "azl3 gdb 13.2-4",
                  "product_id": "9"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 gdb 11.2-6",
                "product": {
                  "name": "cbl2 gdb 11.2-6",
                  "product_id": "7"
                }
              },
              {
                "category": "product_version_range",
                "name": "azl3 gdb 13.2-5",
                "product": {
                  "name": "azl3 gdb 13.2-5",
                  "product_id": "3"
                }
              },
              {
                "category": "product_version_range",
                "name": "cbl2 gdb 11.2-7",
                "product": {
                  "name": "cbl2 gdb 11.2-7",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "gdb"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "azl3 annobin 12.49-2",
                "product": {
                  "name": "azl3 annobin 12.49-2",
                  "product_id": "5"
                }
              }
            ],
            "category": "product_name",
            "name": "annobin"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 gcc 13.2.0-7 as a component of Azure Linux 3.0",
          "product_id": "17084-14"
        },
        "product_reference": "14",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 binutils 2.41-7 as a component of Azure Linux 3.0",
          "product_id": "17084-11"
        },
        "product_reference": "11",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 crash 8.0.4-4 as a component of Azure Linux 3.0",
          "product_id": "17084-12"
        },
        "product_reference": "12",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 gdb 13.2-4 as a component of Azure Linux 3.0",
          "product_id": "17084-9"
        },
        "product_reference": "9",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 gdb 11.2-6 as a component of CBL Mariner 2.0",
          "product_id": "17086-7"
        },
        "product_reference": "7",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 binutils 2.37-15 as a component of CBL Mariner 2.0",
          "product_id": "17086-6"
        },
        "product_reference": "6",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 gcc 11.2.0-8 as a component of CBL Mariner 2.0",
          "product_id": "17086-10"
        },
        "product_reference": "10",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 gdb 13.2-5 as a component of Azure Linux 3.0",
          "product_id": "17084-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 annobin 12.49-2 as a component of Azure Linux 3.0",
          "product_id": "17084-5"
        },
        "product_reference": "5",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 crash 8.0.1-4 as a component of CBL Mariner 2.0",
          "product_id": "17086-8"
        },
        "product_reference": "8",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 binutils 2.37-16 as a component of CBL Mariner 2.0",
          "product_id": "17086-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 gcc 11.2.0-8 as a component of CBL Mariner 2.0",
          "product_id": "17086-13"
        },
        "product_reference": "13",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 gdb 11.2-7 as a component of CBL Mariner 2.0",
          "product_id": "17086-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 binutils 2.37-17 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-1152",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "general",
          "text": "VulDB",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "known_affected": [
          "17084-14",
          "17084-11",
          "17084-12",
          "17084-9",
          "17086-7",
          "17086-6",
          "17086-10",
          "17084-3",
          "17084-5",
          "17086-8",
          "17086-4",
          "17086-13",
          "17086-2",
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-1152.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 3.1,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "17084-14",
            "17084-11",
            "17084-12",
            "17084-9",
            "17086-7",
            "17086-6",
            "17086-10",
            "17084-3",
            "17084-5",
            "17086-8",
            "17086-4",
            "17086-13",
            "17086-2",
            "17086-1"
          ]
        }
      ],
      "title": "GNU Binutils ld xstrdup.c xstrdup memory leak"
    }
  ]
}

CVE-2025-1152 (GCVE-0-2025-1152)

Vulnerability from cvelistv5 – Published: 2025-02-10 18:00 – Updated: 2025-02-12 15:48

Summary

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Severity ?

2.3 (Low)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

3.1 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE

CWE-401 - Memory Leak
CWE-404 - Denial of Service

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.295056	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.295056	signaturepermissions-required
	https://sourceware.org/bugzilla/show_bug.cgi?id=32576	issue-tracking
	https://sourceware.org/bugzilla/attachment.cgi?id=15887	exploit
	https://www.gnu.org/	product

Impacted products

	Vendor	Product	Version
	GNU	Binutils	Affected: 2.43

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1152",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T18:11:21.908438Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:48:17.157Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "ld"
          ],
          "product": "Binutils",
          "vendor": "GNU",
          "versions": [
            {
              "status": "affected",
              "version": "2.43"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: \"I\u0027m not going to commit some of the leak fixes I\u0027ve been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master.\""
        },
        {
          "lang": "de",
          "value": "Es wurde eine problematische Schwachstelle in GNU Binutils 2.43 entdeckt. Hiervon betroffen ist die Funktion xstrdup der Datei xstrdup.c der Komponente ld. Durch die Manipulation mit unbekannten Daten kann eine memory leak-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "Memory Leak",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-10T18:00:09.779Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-295056 | GNU Binutils ld xstrdup.c xstrdup memory leak",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.295056"
        },
        {
          "name": "VDB-295056 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.295056"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32576"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://sourceware.org/bugzilla/attachment.cgi?id=15887"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.gnu.org/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-10T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-02-10T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-02-10T08:37:06.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "GNU Binutils ld xstrdup.c xstrdup memory leak"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-1152",
    "datePublished": "2025-02-10T18:00:09.779Z",
    "dateReserved": "2025-02-10T07:32:00.277Z",
    "dateUpdated": "2025-02-12T15:48:17.157Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

MSRC_CVE-2025-1152

CVE-2025-1152 (GCVE-0-2025-1152)

Tags

Sightings

Nomenclature