SUSE CVE-2025-1365

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function processsymtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The explo...

SUSE CVE-2025-1371

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handledynamicsymtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has...

SUSE CVE-2025-1372

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dumpdatasection/printstringsection of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

SUSE CVE-2025-1376

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elfstrptr in the library /libelf/elfstrptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The...

SUSE CVE-2025-1377

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelfgetsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been...

GNU C Library Buffer Overflow Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GNU GRUB. The vulnerability stems from the romsfs module containing an integer overflow issue when handling symbolic links, resulting in a heap-based out-of-bounds write when reading data. No...

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in GRUB. The vulnerability stems from the fs/hfs module containing an integer overflow issue that results in heap-based out-of-bounds writes. An attacker can exploit this vulnerability to execut...

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from a missing JPEG parser buffer boundary check, that can be exploited by an attacker to run arbitrary code in the context of an affected application and take contro...

GNU GRUB 缓冲区错误漏洞

GNU GRUB2 is a Linux system bootloader from the GNU community. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from the reiserfs fs module not properly checking for integer overflow issues, which can be exploited by an attacker to cause a heap out-of-bounds write, corrupt critic...

GNU GRUB 缓冲区错误漏洞

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from a failure to properly account for the length of an environment variable when copying user-controlled environment variable data to an internal buffer, resulting in an...

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. A security vulnerability exists in GNU GRUB, which stems from the dump command not being in a locked state when secure boot is enabled in the commands/dump module...

GNU GRUB 输入验证错误漏洞

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from a buffer overflow problem contained in reading the BFS file system. An attacker could exploit this vulnerability to cause a denial of service...

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a null pointer dereference vulnerability that stems from not properly setting ERRNO when an HFS+grub mount fails, which can lead to null pointer access. An attacker can exploit this vulnerability to perform...

GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. GRUB suffers from a buffer error vulnerability that stems from an integer overflow not checked when reading .mo files, which can lead to out-of-bounds reads and writes and bypass secure boot...

GNU GRUB 缓冲区错误漏洞

GRUB2 is a multiple bootloader for the GNU Project. GNU GRUB2 suffers from a buffer overflow vulnerability that stems from an integer overflow flaw found in GRUB2's BFS file system driver. No detailed vulnerability details are provided at this time...

GNU GRUB 资源管理错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. A resource management error vulnerability exists in GNU GRUB, which originates from a module uninstallation without clearing hooks, and can be exploited by an attacker to initiate a large number of requests, consuming system resource...

CVE-2025-1376

A flaw was found in GNU elfutils. This vulnerability allows denial of service via manipulation of the function elfstrptr in /libelf/elfstrptr.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

CVE-2025-1377

A flaw was found in GNU elfutils. This vulnerability allows denial of service via manipulation of the gelfgetsymshndx function in strip.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...

CVE-2025-1365

A flaw was found in GNU elfutils. This vulnerability allows a buffer overflow via manipulation of the argument D/a in the processsymtab function of readelf.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...