CVE-2026-6845 MEDIUM

CVE-2026-6845: Binutils: binutils: denial of service via crafted elf file

Vendor Red Hat
Product Red Hat Enterprise Linux 10
Weakness CWE-476
Published April 22, 2026
Last update July 1, 2026

CVSS base score

5.0/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

Key dates

02Disclosure timeline

April 22, 2026 CVE published
July 1, 2026 Record updated