CVE-2026-6845 | THREATINT

Description

A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

PUBLISHED Reserved 2026-04-22 | Published 2026-04-22 | Updated 2026-04-23 | Assigner redhat

MEDIUM: 5.0CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Problem types

NULL Pointer Dereference

Product status

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Default status

affected

Timeline

2026-04-13:	Reported to Red Hat.
2026-04-13:	Made public.

References

access.redhat.com/security/cve/CVE-2026-6845 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2460012 (RHBZ#2460012) issue-tracking

cve.org (CVE-2026-6845)

nvd.nist.gov (CVE-2026-6845)

Download JSON