Platform
linux
Component
binutils
Fixed in
2.41
A denial-of-service (DoS) vulnerability has been identified in the readelf utility within the Binutils package. A local attacker can exploit this flaw by providing a specially crafted Executable and Linkable Format (ELF) file, potentially leading to resource exhaustion or a segmentation fault. This vulnerability impacts Binutils versions 2.31 through 2.40 and is resolved in version 2.41.
Successful exploitation of CVE-2026-6844 allows a local attacker to crash the readelf utility, resulting in a denial of service. The vulnerability manifests in two ways: resource exhaustion, which can lead to an out-of-memory condition, and a null pointer dereference, which causes a segmentation fault. The attacker needs only to provide a malicious ELF file to trigger these conditions. This disruption can impact system administrators and developers who rely on readelf for debugging and analysis, potentially hindering their ability to inspect and manipulate binaries.
CVE-2026-6844 was publicly disclosed on 2026-04-22. There is currently no indication of active exploitation or a KEV listing. No public proof-of-concept (PoC) code has been released at the time of this writing. The vulnerability's reliance on local access and the need for a crafted ELF file suggest a relatively low probability of widespread exploitation.
Systems administrators and developers who rely on the readelf utility for debugging and analysis are at risk. Environments with limited access controls, where untrusted users can execute commands as root or privileged users, are particularly vulnerable. Developers working with custom ELF files or embedded systems that utilize Binutils should also be aware of this vulnerability.
• linux / server: journalctl -g "readelf" -p err
• linux / server: ps aux | grep readelf
• linux / server: auditctl -l | grep readelf
Disclosure
Exploit status
EPSS
0.02% (5th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-6844 is to upgrade Binutils to version 2.41 or later. If upgrading is not immediately feasible, restrict access to the readelf utility to trusted users only. Consider implementing input validation on ELF files processed by readelf to detect and reject potentially malicious files. While a WAF is not applicable here, restricting file uploads and parsing within the system can reduce the attack surface. After upgrading, confirm functionality by attempting to parse a variety of ELF files, including those known to be complex or potentially problematic.
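One concrete way to apply the input-validation suggestion above, as an added example that is not part of the advisory or the Binutils project: a Python pre-filter that checks an ELF file's header table offsets, entry sizes and counts against the file length before the file is handed to readelf. Field layout and sizes follow the ELF specification; make_elf64_header, GOOD and BAD are constructed test images, not real binaries.

```python
import struct

SIZES = {1: (52, 32, 40), 2: (64, 56, 64)}  # (Ehdr, Phdr, Shdr) sizes; 1 = ELF32, 2 = ELF64

def check_elf_headers(data: bytes) -> list[str]:
    """Return header-level problems found in an ELF image (empty list = passed).
    Cheap bounds checks only: a pre-filter for malformed files, not a full validator."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        return ["not an ELF file (bad magic or too short)"]
    ei_class, ei_data = data[4], data[5]
    if ei_class not in SIZES or ei_data not in (1, 2):
        return [f"unsupported EI_CLASS={ei_class} / EI_DATA={ei_data}"]
    ehdr_size, phdr_size, shdr_size = SIZES[ei_class]
    if len(data) < ehdr_size:
        return ["file shorter than the ELF header"]
    # Fields after e_ident; ELF64 widens e_entry/e_phoff/e_shoff to 8 bytes.
    endian = "<" if ei_data == 1 else ">"
    fmt = endian + ("HHIIIIIHHHHHH" if ei_class == 1 else "HHIQQQIHHHHHH")
    (_, _, _, _, e_phoff, e_shoff, _, e_ehsize, e_phentsize, e_phnum,
     e_shentsize, e_shnum, e_shstrndx) = struct.unpack_from(fmt, data, 16)
    problems = []
    if e_ehsize != ehdr_size:
        problems.append(f"e_ehsize={e_ehsize}, expected {ehdr_size}")
    # Program header table must fit inside the file.
    if e_phnum:
        if e_phentsize != phdr_size:
            problems.append(f"e_phentsize={e_phentsize}, expected {phdr_size}")
        if e_phoff + e_phnum * e_phentsize > len(data):
            problems.append("program header table runs past end of file")
    # Section header table must fit inside the file, and e_shstrndx must name
    # an existing section (0 = SHN_UNDEF and 0xffff = SHN_XINDEX are legal escapes).
    if e_shnum:
        if e_shentsize != shdr_size:
            problems.append(f"e_shentsize={e_shentsize}, expected {shdr_size}")
        if e_shoff + e_shnum * e_shentsize > len(data):
            problems.append("section header table runs past end of file")
        if e_shstrndx not in (0, 0xFFFF) and e_shstrndx >= e_shnum:
            problems.append(f"e_shstrndx={e_shstrndx} outside {e_shnum} sections")
    return problems

def make_elf64_header(e_shoff=0, e_shnum=0, e_shstrndx=0) -> bytes:
    """Constructed minimal little-endian x86-64 ELF64 header with no program headers."""
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    return e_ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 0, e_shoff, 0,
                                 64, 56, 0, 64, e_shnum, e_shstrndx)

GOOD = make_elf64_header()                                                 # constructed, sane
BAD = make_elf64_header(e_shoff=1 << 40, e_shnum=0x80, e_shstrndx=0x100)   # constructed, malformed
```

A wrapper script can refuse to invoke readelf on any file for which check_elf_headers returns a non-empty list, and log the reasons for later review.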
Update the binutils package to version 2.41 or later to mitigate the denial-of-service vulnerabilities. Apply the security updates provided by your Linux distribution vendor (Red Hat in this case) to ensure protection against these attacks. Check the Red Hat documentation for specific instructions on how to apply security updates.
CVE-2026-6844 is a Denial of Service vulnerability in Binutils versions 2.31 through 2.40. A crafted ELF file can crash the readelf utility.
You are affected if you are running Binutils versions 2.31 through 2.40 and have not upgraded. Upgrade to version 2.41 or later to mitigate the risk.
Upgrade to Binutils version 2.41 or later. If an upgrade is not immediately possible, restrict access to the readelf utility.
As of the last update, there are no confirmed reports of active exploitation, but it is recommended to apply the patch promptly.
Refer to the Binutils project website or your Linux distribution's security advisories for the official advisory regarding CVE-2026-6844.