UBUNTU-CVE-2025-1365

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-1365
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-1365.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-1365
Related
Published
2025-02-17T00:15:00Z
Modified
2025-03-25T05:09:18Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.

References

Affected packages

Ubuntu:24.10 / elfutils

Package

Name
elfutils
Purl
pkg:deb/ubuntu/elfutils@0.191-2ubuntu0.1?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.191-2ubuntu0.1

Affected versions

0.*

0.190-1.1build4
0.191-1
0.191-2

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "debuginfod"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "debuginfod-dbgsym"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "elfutils"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "elfutils-dbgsym"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libasm-dev"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libasm1t64"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libasm1t64-dbgsym"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdebuginfod-common"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdebuginfod-dev"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdebuginfod1t64"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdebuginfod1t64-dbgsym"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdw-dev"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdw1t64"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libdw1t64-dbgsym"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libelf-dev"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libelf1t64"
        },
        {
            "binary_version": "0.191-2ubuntu0.1",
            "binary_name": "libelf1t64-dbgsym"
        }
    ]
}

Ubuntu:24.04:LTS / elfutils

Package

Name
elfutils
Purl
pkg:deb/ubuntu/elfutils@0.190-1.1ubuntu0.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.190-1.1ubuntu0.1

Affected versions

0.*

0.189-4
0.190-1
0.190-1.1build2
0.190-1.1build3
0.190-1.1build4
0.190-1.1build4.1

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "debuginfod"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "debuginfod-dbgsym"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "elfutils"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "elfutils-dbgsym"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libasm-dev"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libasm1t64"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libasm1t64-dbgsym"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdebuginfod-common"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdebuginfod-dev"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdebuginfod1t64"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdebuginfod1t64-dbgsym"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdw-dev"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdw1t64"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libdw1t64-dbgsym"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libelf-dev"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libelf1t64"
        },
        {
            "binary_version": "0.190-1.1ubuntu0.1",
            "binary_name": "libelf1t64-dbgsym"
        }
    ]
}