Azure Linux 3.0 Security Update: elfutils (CVE-2025-1376)

🗓️ 22 Jan 2026 00:00:00Reported by TenableType

Azure Linux 3.0 has a local denial of service in elfutils before the tested version CVE-2025-1376; apply patch.

Reporter	Title	Published	Views	Family All 64
AlpineLinux	CVE-2025-1376	17 Feb 202505:15	–	alpinelinux
CBLMariner	CVE-2025-1376 affecting package elfutils for versions less than 0.189-4	19 Apr 202500:20	–	cbl_mariner
Circl	CVE-2025-1376	17 Feb 202504:40	–	circl
CNNVD	Elfutils 安全漏洞	17 Feb 202500:00	–	cnnvd
CVE	CVE-2025-1376	17 Feb 202504:31	–	cve
Cvelist	CVE-2025-1376 GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service	17 Feb 202504:31	–	cvelist
Debian CVE	CVE-2025-1376	17 Feb 202504:31	–	debiancve
IBM Security Bulletins	Security Bulletin: EDB PGAI Databases is affected by Multiple Vulnerabilities.	8 Apr 202615:58	–	ibm
Tenable Nessus	EulerOS 2.0 SP12 : elfutils (EulerOS-SA-2025-1411)	6 May 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : elfutils (EulerOS-SA-2025-1412)	6 May 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-1376
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(295572);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/03");

  script_cve_id("CVE-2025-1376");

  script_name(english:"Azure Linux 3.0 Security Update: elfutils (CVE-2025-1376)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Azure Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of elfutils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2025-1376 advisory.

  - A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the
    function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads
    to denial of service. It is possible to launch the attack on the local host. The complexity of an attack
    is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and
    May be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply
    a patch to fix this issue. (CVE-2025-1376)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2025-1376");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-1376");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/02/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-default-yama-scope");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-devel-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-libelf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-libelf-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-libelf-devel-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:elfutils-libelf-lang");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:azure_linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Azure Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AzureLinux/release", "Host/AzureLinux/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/AzureLinux/release');
if (isnull(release) || 'Azure Linux' >!< release) audit(AUDIT_OS_NOT, 'Azure Linux');
var os_ver = pregmatch(pattern: "Azure Linux ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Azure Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Azure Linux 3.0', 'Azure Linux ' + os_ver);

if (!get_kb_item('Host/AzureLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Azure Linux', cpu);

var pkgs = [
    {'reference':'elfutils-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-debuginfo-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-debuginfo-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-default-yama-scope-0.189-4.azl3', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-default-yama-scope-0.189-4.azl3', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-static-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-static-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-static-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-static-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-lang-0.189-4.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-lang-0.189-4.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  var cves = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'Azure Linux ' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'elfutils / elfutils-debuginfo / elfutils-default-yama-scope / etc');
}

03 Feb 2026 00:00Current

3.6Low risk

Vulners AI Score3.6

CVSS 3.12.5 - 4.7

CVSS 21

CVSS 42

CVSS 32.5

EPSS0.0001

SSVC