CVE-2025-1147: 
NixOS vulnerability analysis and mitigation

A vulnerability has been discovered in GNU Binutils 2.43, specifically affecting the function _sanitizer::internalstrlen in the nm component's nm.c file. The vulnerability was disclosed on February 10, 2025, and is classified as a buffer overflow issue that can be triggered through manipulation of the const argument (NVD, Red Hat).

The vulnerability is characterized by a buffer overflow condition that occurs when manipulating the const argument in the _sanitizer::internalstrlen function. It has received a CVSS v3.1 base score of 3.1 (LOW), with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L. The attack vector is network-accessible but requires high attack complexity and user interaction. The vulnerability has been classified under CWE-120 (Buffer Copy without Checking Size of Input) and CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) (NVD).

The vulnerability primarily affects the availability of the system with a low impact rating. When exploited, it can cause a segmentation fault and program termination, specifically when the nm utility is processing certain malformed inputs. There are no reported impacts on confidentiality or integrity of the system (Red Hat).

Currently, there are no official patches or fixes available for this vulnerability. Red Hat has indicated that mitigation options either do not exist or do not meet their Product Security criteria for ease of use and deployment (Red Hat).