{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2025-1371", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue." }, { "lang": "deu", "value": "In GNU elfutils 0.192 wurde eine problematische Schwachstelle gefunden. Dabei geht es um die Funktion handle_dynamic_symtab der Datei readelf.c der Komponente eu-read. Dank Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als b38e562a4c907e08171c76b8b2def8464d5a104a bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "NULL Pointer Dereference", "cweId": "CWE-476" } ] }, { "description": [ { "lang": "eng", "value": "Denial of Service", "cweId": "CWE-404" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "GNU", "product": { "product_data": [ { "product_name": "elfutils", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.192" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://vuldb.com/?id.295978", "refsource": "MISC", "name": "https://vuldb.com/?id.295978" }, { "url": "https://vuldb.com/?ctiid.295978", "refsource": "MISC", "name": "https://vuldb.com/?ctiid.295978" }, { "url": "https://vuldb.com/?submit.496484", "refsource": "MISC", "name": "https://vuldb.com/?submit.496484" }, { "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32655", "refsource": "MISC", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32655" }, { "url": "https://sourceware.org/bugzilla/attachment.cgi?id=15926", "refsource": "MISC", "name": "https://sourceware.org/bugzilla/attachment.cgi?id=15926" }, { "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32655#c2", "refsource": "MISC", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32655#c2" }, { "url": "https://www.gnu.org/", "refsource": "MISC", "name": "https://www.gnu.org/" } ] }, "credits": [ { "lang": "en", "value": "rookie (VulDB User)" } ], "impact": { "cvss": [ { "version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW" }, { "version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseSeverity": "LOW" }, { "version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P" } ] } }