Lucene search
K
Elfutils ProjectElfutils0.192

6 matches found

CVE
CVE
added 2025/02/17 4:31 a.m.122 views

CVE-2025-1376

CVE-2025-1376 affects GNU elfutils 0.192, specifically the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip . The manipulation leads to a denial of service and requires a local attack. The exploitation difficulty is described as high, and the exploit has been disc...

4.7CVSS6.6AI score0.00287EPSS
CVE
CVE
added 2025/02/17 3:0 a.m.92 views

CVE-2025-1372

GNU elfutils 0.192 is affected, specifically the eu-readelf component (dump_data_section/print_string_section in readelf.c). The issue arises from manipulating the z/x argument, causing a buffer overflow. Exploitation is described as local, with public disclosure of the exploit. A patch is identi...

7.8CVSS7.2AI score0.00327EPSS
CVE
CVE
added 2025/02/16 2:31 p.m.81 views

CVE-2025-1352

CVE-2025-1352 concerns GNU elfutils 0.192. The vulnerability affects the __libdw_thread_tail function in eu-readelf (libdw_alloc.c), where manipulation of the w argument leads to memory corruption. Nessus/NVD entries describe remote exploitation with high complexity and publicly disclosed exploit...

7.5CVSS6.9AI score0.00614EPSS
CVE
CVE
added 2025/02/17 5:0 a.m.81 views

CVE-2025-1377

CVE-2025-1377 affects GNU elfutils 0.192, specifically the function gelf_getsymshndx in eu-strip/strip.c. The vulnerability allows a local attacker to cause a denial of service. Several connected advisories confirm the same issue and cite the patch identifier fbf1df9ca286de3323ae541973b08449f8d03...

5.5CVSS6.8AI score0.00305EPSS
CVE
CVE
added 2025/02/16 11:31 p.m.77 views

CVE-2025-1365

GNU elfutils 0.192 (eu-readelf) is affected; the vulnerability lives in readelf.c, function process_symtab, where manipulating the D/a argument causes a buffer overflow. Local access is required; exploitation has been disclosed. A patch is identified by git: 5e5c0394d82c53e97750fe7b18023e6f84157b...

7.8CVSS7.2AI score0.00324EPSS
CVE
CVE
added 2025/02/17 2:31 a.m.71 views

CVE-2025-1371

GNU elfutils 0.192 is affected via readelf.c in the eu-read handle_dynamic_symtab code path, where a null pointer dereference can occur with local attack access. The vulnerability is described as exploitable locally, and public exploits/ PoCs have been disclosed. A patch is available (commit/tag ...

5.5CVSS6.9AI score0.00217EPSS