CVE-2025-1376

CWE-4048 documents8 sources
Severity
2.0LOW
EPSS
0.0%
top 98.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GNU ElfutilsElfutils Project Elfutils
Timeline
PublishedFeb 17

Description

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea9

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5gnu/elfutils0.192

🔴Vulnerability Details

3
GHSA
GHSA-7j9h-m494-r4c6: A vulnerability classified as problematic was found in GNU elfutils 02025-02-17
CVEList
GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service2025-02-17
OSV
CVE-2025-1376: A vulnerability classified as problematic was found in GNU elfutils 02025-02-17

📋Vendor Advisories

3
Red Hat
elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service2025-02-17
Microsoft
GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service2025-02-11
Debian
CVE-2025-1376: elfutils - A vulnerability classified as problematic was found in GNU elfutils 0.192. This ...2025
CVE-2025-1376 (LOW CVSS 2) | A vulnerability classified as probl | cvebase.io