CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1377 – GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service
https://notcve.org/view.php?id=CVE-2025-1377
17 Feb 2025 — A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. • https://sourceware.org/bugzilla/attachment.cgi?id=15941 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1376 – GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
https://notcve.org/view.php?id=CVE-2025-1376
17 Feb 2025 — A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15940 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1372 – GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
https://notcve.org/view.php?id=CVE-2025-1372
17 Feb 2025 — A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. • https://sourceware.org/bugzilla/attachment.cgi?id=15927 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1371 – GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference
https://notcve.org/view.php?id=CVE-2025-1371
17 Feb 2025 — A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. • https://sourceware.org/bugzilla/attachment.cgi?id=15926 • CWE-404: Improper Resource Shutdown or Release CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1365 – GNU elfutils eu-readelf readelf.c process_symtab buffer overflow
https://notcve.org/view.php?id=CVE-2025-1365
16 Feb 2025 — A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. • https://sourceware.org/bugzilla/attachment.cgi?id=15925 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1352 – GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
https://notcve.org/view.php?id=CVE-2025-1352
16 Feb 2025 — A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15923 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1182 – GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption
https://notcve.org/view.php?id=CVE-2025-1182
11 Feb 2025 — A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15919 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1181 – GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption
https://notcve.org/view.php?id=CVE-2025-1181
11 Feb 2025 — A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15918 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1180 – GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption
https://notcve.org/view.php?id=CVE-2025-1180
11 Feb 2025 — A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. • https://sourceware.org/bugzilla/attachment.cgi?id=15917 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1179 – GNU Binutils ld libbfd.c bfd_putl64 memory corruption
https://notcve.org/view.php?id=CVE-2025-1179
11 Feb 2025 — A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. • https://sourceware.org/bugzilla/attachment.cgi?id=15915 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •