← voltar
CVE-2026-3994

rui314 mold Object File input-files.cc initialize_sections heap-based overflow

CVSS 4.8 MEDIUMEPSS 0.1%CWE-119CWE-122
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
rui314 · mold

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/oneafter/0209/blob/main/mo2/reprohttps://github.com/rui314/mold/https://github.com/rui314/mold/issues/1548https://vuldb.com/?ctiid.350476https://vuldb.com/?id.350476https://vuldb.com/?submit.769772