CVE-2025-1365

Source
https://cve.org/CVERecord?id=CVE-2025-1365
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1365.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-1365
Downstream
Related
Published
2025-02-16T23:31:08.316Z
Modified
2026-07-08T08:11:57.345062848Z
Severity
  • 4.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator
Summary
GNU elfutils eu-readelf readelf.c process_symtab buffer overflow
Details

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "0.192"
                },
                {
                    "last_affected": "0.192"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/1xxx/CVE-2025-1365.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-119",
        "CWE-120"
    ]
}
References

Affected packages

Git / sourceware.org/git/elfutils.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/elfutils.git
Events
Introduced
0f3b436b7e4fc4d310be79a62e40a115fdc482d0
Last affected
0f3b436b7e4fc4d310be79a62e40a115fdc482d0
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:elfutils_project:elfutils:0.192:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0.192"
        },
        {
            "last_affected": "0.192"
        }
    ]
}

Affected versions

0.*
0.192
elfutils-0.*
elfutils-0.192

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1365.json"