Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-1376

Good to know:

icon

Date: February 16, 2025

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.

Severity Score

Related Resources (9)

https://sourceware.org/bugzilla/show_bug.cgi?id=32672
https://vuldb.com/?submit.497538
https://vuldb.com/?ctiid.295984
https://sourceware.org/bugzilla/attachment.cgi?id=15940
https://vuldb.com/?id.295984
https://sourceware.org/bugzilla/show_bug.cgi?id=32672#c3
https://nvd.nist.gov/vuln/detail/CVE-2025-1376
https://www.gnu.org/
https://www.mend.io/vulnerability-database/CVE-2025-1376

Severity Score

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Top Fix

icon

Upgrade Version

Upgrade to version libbpf-sys - 1.4.4+v1.4.5;libbpf-sys - no_fix;tracers-libelf-sys - no_fix;libbpf-sys-cross - no_fix;elfutils - no_fix

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): HIGH
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us