Detections
Analytics

CVE-2026-3442

high

Description

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2443828

https://access.redhat.com/security/cve/CVE-2026-3442

Details

Source: Mitre, NVD

Published: 2026-03-16

Updated: 2026-03-20

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00012