Red Hat Product Errata RHSA-2026:0343 - Security Advisory
Issued:
2026-01-08
Updated:
2026-01-08

RHSA-2026:0343 - Security Advisory

Synopsis

Moderate: gcc-toolset-13-binutils security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gcc-toolset-13-binutils is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Binutils is a collection of binary utilities, including ar (for creating, modifying and extracting from archives), as (a family of GNU assemblers), gprof (for displaying call graph profile data), ld (the GNU linker), nm (for listing symbols from object files), objcopy (for copying and translating object files), objdump (for displaying information from object files), ranlib (for generating an index for the contents of an archive), readelf (for displaying detailed information about binary files), size (for listing the section sizes of an object or archive file), strings (for listing printable strings from files), strip (for discarding symbols), and addr2line (for converting addresses to file and line).

Security Fix(es):

  • binutils: GNU Binutils Linker heap-based overflow (CVE-2025-11083)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2399948 - CVE-2025-11083 binutils: GNU Binutils Linker heap-based overflow

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
x86_64
gcc-toolset-13-binutils-2.40-21.el9_4.1.x86_64.rpm SHA-256: 1b199c811d0f54a4ddf307aa79c0bbf0b0889990138083cf4a77ff4ca319cc15
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 503fea1ffde095bfb4ef28058ec9bcfb2dd823fdd95a0a3fd96a4575ebf5b510
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f921cc51b00becf4da247b7b60285554b4c38494571d81d5e72f9b146d7f7ae2
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.i686.rpm SHA-256: 36a3bae8533e956aad6fc7b2f8fa4a49062d77ac9b4a94403bb67fc2e6536451
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.x86_64.rpm SHA-256: 18ea24cb3d6600fbe048b4c99ed1c5a7c0341d905cdbe9b0094ff95a98d14611
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.x86_64.rpm SHA-256: c2fa262fea7b0ead75376a3e82db849381460d5c88641fdd9d759addeadd2550
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 598c7d948ab0e92063a355e7084774fd0946c02b1e67b17596a6ac72bb377bcd
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f56e2c3b10e12a5d88efffdfd0a9170efc3d2db5ecb8ba731258b6050616338f
gcc-toolset-13-binutils-gprofng-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: 2e74481939d7a0330b5d03d71a88f9936014e60d71b9a7f2489ec4aeb7e94bb1

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
x86_64
gcc-toolset-13-binutils-2.40-21.el9_4.1.x86_64.rpm SHA-256: 1b199c811d0f54a4ddf307aa79c0bbf0b0889990138083cf4a77ff4ca319cc15
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 503fea1ffde095bfb4ef28058ec9bcfb2dd823fdd95a0a3fd96a4575ebf5b510
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f921cc51b00becf4da247b7b60285554b4c38494571d81d5e72f9b146d7f7ae2
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.i686.rpm SHA-256: 36a3bae8533e956aad6fc7b2f8fa4a49062d77ac9b4a94403bb67fc2e6536451
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.x86_64.rpm SHA-256: 18ea24cb3d6600fbe048b4c99ed1c5a7c0341d905cdbe9b0094ff95a98d14611
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.x86_64.rpm SHA-256: c2fa262fea7b0ead75376a3e82db849381460d5c88641fdd9d759addeadd2550
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 598c7d948ab0e92063a355e7084774fd0946c02b1e67b17596a6ac72bb377bcd
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f56e2c3b10e12a5d88efffdfd0a9170efc3d2db5ecb8ba731258b6050616338f
gcc-toolset-13-binutils-gprofng-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: 2e74481939d7a0330b5d03d71a88f9936014e60d71b9a7f2489ec4aeb7e94bb1

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
s390x
gcc-toolset-13-binutils-2.40-21.el9_4.1.s390x.rpm SHA-256: a42843e7376268d3ba87c655137570a0d417184a067d20f5d40ca2edb61b6bfd
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.s390x.rpm SHA-256: 147ca9e94672c6e889ae8c25331a44edb95bacdf369167fc06a11d8db5e28167
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.s390x.rpm SHA-256: c735337033d2a891c819abcedc27f82fdeea1ab0e358f92dfab14adc83c5534e
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.s390x.rpm SHA-256: cf6ecd8a4c6d53777b876afd8252bfb71030b33f7f2b2fc06e71cfa3c0616106
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.s390x.rpm SHA-256: 41336653895cb038a9cc40c213ea7acfee2cf24e33e4cfe3c843126a1575501d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
ppc64le
gcc-toolset-13-binutils-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 21fe1d986d7c94960a097c1cbfc6e42cb4530f935fe8d0e71b27301c37577081
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 954157a7422321534afca0c494fb0f53a222ce923c40bbdc4c5ac8c4460ac571
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 49e3e8cd11591a65c8c01cd4194a167853b48f6a594ebabfe3bd7fb0f230614d
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.ppc64le.rpm SHA-256: bf2d241afa6fc29eb90ab6eb95183184280d13eebf0c2f670322466bf4b45284
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 4e44dadfbe2b0f07c71cf3729174eac597a89e02ba062b513fdae93f42b96a69

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
aarch64
gcc-toolset-13-binutils-2.40-21.el9_4.1.aarch64.rpm SHA-256: cf235fa7350254a6abcee7a77a106d4bebdfc1173023262661155c4fd0c2d6a7
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 465bbc2d49299b84131331775b2ac1e8aa335c0feb2cd20f8f49ee5645dddccf
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.aarch64.rpm SHA-256: 620bb3262b0ec8b88c1a9e7b26e75a662ad2e3390532219a998fc004b0ab695e
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.aarch64.rpm SHA-256: 3df429a164d57362c5a13d7732d00c9896be879834e6156e6515683187bbb532
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 9fe602f2d436e055572b852536f0530c4af90a7698d40e8c1da55fedf2fc495f
gcc-toolset-13-binutils-gprofng-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 974299db49b6f9c331ca30d0a0346a93b9f3e215926e9b7c77b29a2983037523

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
ppc64le
gcc-toolset-13-binutils-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 21fe1d986d7c94960a097c1cbfc6e42cb4530f935fe8d0e71b27301c37577081
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 954157a7422321534afca0c494fb0f53a222ce923c40bbdc4c5ac8c4460ac571
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 49e3e8cd11591a65c8c01cd4194a167853b48f6a594ebabfe3bd7fb0f230614d
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.ppc64le.rpm SHA-256: bf2d241afa6fc29eb90ab6eb95183184280d13eebf0c2f670322466bf4b45284
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.ppc64le.rpm SHA-256: 4e44dadfbe2b0f07c71cf3729174eac597a89e02ba062b513fdae93f42b96a69

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
x86_64
gcc-toolset-13-binutils-2.40-21.el9_4.1.x86_64.rpm SHA-256: 1b199c811d0f54a4ddf307aa79c0bbf0b0889990138083cf4a77ff4ca319cc15
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 503fea1ffde095bfb4ef28058ec9bcfb2dd823fdd95a0a3fd96a4575ebf5b510
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f921cc51b00becf4da247b7b60285554b4c38494571d81d5e72f9b146d7f7ae2
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.i686.rpm SHA-256: 36a3bae8533e956aad6fc7b2f8fa4a49062d77ac9b4a94403bb67fc2e6536451
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.x86_64.rpm SHA-256: 18ea24cb3d6600fbe048b4c99ed1c5a7c0341d905cdbe9b0094ff95a98d14611
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.x86_64.rpm SHA-256: c2fa262fea7b0ead75376a3e82db849381460d5c88641fdd9d759addeadd2550
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.i686.rpm SHA-256: 598c7d948ab0e92063a355e7084774fd0946c02b1e67b17596a6ac72bb377bcd
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: f56e2c3b10e12a5d88efffdfd0a9170efc3d2db5ecb8ba731258b6050616338f
gcc-toolset-13-binutils-gprofng-debuginfo-2.40-21.el9_4.1.x86_64.rpm SHA-256: 2e74481939d7a0330b5d03d71a88f9936014e60d71b9a7f2489ec4aeb7e94bb1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
aarch64
gcc-toolset-13-binutils-2.40-21.el9_4.1.aarch64.rpm SHA-256: cf235fa7350254a6abcee7a77a106d4bebdfc1173023262661155c4fd0c2d6a7
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 465bbc2d49299b84131331775b2ac1e8aa335c0feb2cd20f8f49ee5645dddccf
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.aarch64.rpm SHA-256: 620bb3262b0ec8b88c1a9e7b26e75a662ad2e3390532219a998fc004b0ab695e
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.aarch64.rpm SHA-256: 3df429a164d57362c5a13d7732d00c9896be879834e6156e6515683187bbb532
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 9fe602f2d436e055572b852536f0530c4af90a7698d40e8c1da55fedf2fc495f
gcc-toolset-13-binutils-gprofng-debuginfo-2.40-21.el9_4.1.aarch64.rpm SHA-256: 974299db49b6f9c331ca30d0a0346a93b9f3e215926e9b7c77b29a2983037523

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
gcc-toolset-13-binutils-2.40-21.el9_4.1.src.rpm SHA-256: f3e0806353da79ba96f86965f7455c037e6ff84914fe19439e3550316f127f2c
s390x
gcc-toolset-13-binutils-2.40-21.el9_4.1.s390x.rpm SHA-256: a42843e7376268d3ba87c655137570a0d417184a067d20f5d40ca2edb61b6bfd
gcc-toolset-13-binutils-debuginfo-2.40-21.el9_4.1.s390x.rpm SHA-256: 147ca9e94672c6e889ae8c25331a44edb95bacdf369167fc06a11d8db5e28167
gcc-toolset-13-binutils-devel-2.40-21.el9_4.1.s390x.rpm SHA-256: c735337033d2a891c819abcedc27f82fdeea1ab0e358f92dfab14adc83c5534e
gcc-toolset-13-binutils-gold-2.40-21.el9_4.1.s390x.rpm SHA-256: cf6ecd8a4c6d53777b876afd8252bfb71030b33f7f2b2fc06e71cfa3c0616106
gcc-toolset-13-binutils-gold-debuginfo-2.40-21.el9_4.1.s390x.rpm SHA-256: 41336653895cb038a9cc40c213ea7acfee2cf24e33e4cfe3c843126a1575501d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.