Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: elfutils Moderate DoS & Buffer Overflow Issues 2025:4092-1

suse
Calendar Grey November 24, 2025
Dist Suse Esm H88
This update addresses moderate security issues in elfutils, including denial of service and buffer overflow vulnerabilities.
* bsc#1237236 * bsc#1237240 * bsc#1237241 * bsc#1237242

Summary

## This update for elfutils fixes the following issues: * Fixing build/testsuite for more recent glibc and kernels. * Fixing denial of service and general buffer overflow errors (bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242): * CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip * CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip * CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf * CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf

Topics%20covered

Topics Covered

security advisory moderate denial of service buffer overflow SuSE elfutils

References

* bsc#1237236

* bsc#1237240

* bsc#1237241

* bsc#1237242

Cross-

* CVE-2025-1352

* CVE-2025-1372

* CVE-2025-1376

* CVE-2025-1377

CVSS scores:

* CVE-2025-1352 ( SUSE ): 1.8

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-1352 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

* CVE-2025-1352 ( NVD ): 2.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-1352 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

* CVE-2025-1352 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-1372 ( SUSE ): 4.6

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Announcement ID: SUSE-SU-2025:4092-1
Release Date: 2025-11-24T09:09:10Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service buffer overflow SuSE elfutils

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here