{"id":"CVE-2026-6846","summary":"Binutils: binutils: arbitrary code execution via malformed xcoff object file processing","details":"A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or cause a denial of service, making the system unavailable.","modified":"2026-07-16T03:30:49.092383997Z","published":"2026-04-22T08:37:14.233Z","related":["CGA-pggg-gg24-3vfc"],"database_specific":{"cna_assigner":"redhat","cwe_ids":["CWE-122"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/6xxx/CVE-2026-6846.json"},"references":[{"type":"WEB","url":"https://access.redhat.com/downloads/content/package-browser/"},{"type":"WEB","url":"https://catalog.redhat.com/software/containers/"},{"type":"WEB","url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6846.json"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:33527"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:39022"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2026-6846"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/6xxx/CVE-2026-6846.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6846"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460006"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://sourceware.org/git/binutils-gdb.git","events":[{"introduced":"0"},{"last_affected":"49d4d3fafa4ec4ff5a3460d91d5b1ed5286487db"}],"database_specific":{"cpe":"cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.46"}],"source":"CPE_RANGE"}}],"versions":["binutils-2_46","gdb-17-branchpoint","gdb-16-branchpoint","gdb-15-branchpoint","gdb-14-branchpoint","binutils-2_41-release","gdb-13-branchpoint","gdb-12-branchpoint","gdb-11-branchpoint","gdb-10-branchpoint","gdb-9-branchpoint","gdb-8.3-branchpoint","users/ARM/embedded-gdb-master-2018q4","users/ARM/embedded-binutils-master-2018q4","gdb-8.2-branchpoint","gdb-8.1-branchpoint","users/ARM/embedded-gdb-master-2017q4","users/ARM/embedded-binutils-master-2017q4","gdb-8.0-branchpoint","users/ARM/embedded-binutils-master-2016q4","gdb-7.12-branchpoint","gdb-7.11-branchpoint","gdb-7.10-branchpoint","gdb-7.9-branchpoint","gdb-7.8-branchpoint","gdb-7.7-branchpoint","gdb_7_6-branchpoint","gdb_7_5-branchpoint","gdb_7_4-branchpoint","gdb_7_3-branchpoint","gdb_7_2-branchpoint","gdb_7_1-branchpoint","gdb_7_0-branchpoint","gdb_6_8-branchpoint","gdb_6_7-branchpoint","gdb_6_6-branchpoint","gdb_6_5-branchpoint","gdb_6_4-branchpoint","gdb_6_3-branchpoint","gdb_6_2-branchpoint","gdb_6_1-branchpoint","gdb_6_0-branchpoint","gdb_5_3-branchpoint","gdb_5_2-branchpoint","gdb-4_18-branchpoint"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-6846.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}