Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves four vulnerabilities can now be installed.. # Security update for elfutils Announcement ID: SUSE-SU-2025:4092-1 Release Date: 2025-11-24T09:09:10Z Rating: moderate References: * bsc#1237236 * bsc#1237240 * bsc#1237241 * bsc#1237242 Cross-References: * CVE-2025-1352 * CVE-2025-1372 * CVE-2025-1376 * CVE-2025-1377 CVSS scores: * CVE-2025-1352 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1352 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1352 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1352 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1352 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1372 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1372 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1372 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1372 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1376 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1376 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1376 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1376 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-1376 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1377 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1377 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1377 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1377 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1377 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSEManager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves four vulnerabilities can now be installed. ## Description: This update for elfutils fixes the following issues: * Fixing build/testsuite for more recent glibc and kernels. * Fixing denial of service and general buffer overflow errors (bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242): * CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip * CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip * CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf * CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf * Fixing testsuite race conditions in run-debuginfod-find.sh. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4092=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4092=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-4092=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4092=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4092=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4092=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4092=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patchSUSE-SLE-Micro-5.3-2025-4092=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4092=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4092=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4092=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4092=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4092=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4092=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4092=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 *elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Manager Proxy 4.3 LTS (x86_64) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * SUSE Manager Proxy 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 *libelf1-debuginfo-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 *libelf1-32bit-debuginfo-0.185-150400.5.8.3 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod-dummy-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3 * debuginfod-dummy-client-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdebuginfod1-dummy-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * openSUSE Leap 15.4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * openSUSE Leap 15.4 (x86_64) * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * libasm1-32bit-0.185-150400.5.8.3 * libelf-devel-32bit-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * libasm1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * openSUSE Leap 15.4 (aarch64_ilp32) * libasm1-64bit-debuginfo-0.185-150400.5.8.3 * libdw1-64bit-debuginfo-0.185-150400.5.8.3 * libasm1-64bit-0.185-150400.5.8.3 * libelf1-64bit-debuginfo-0.185-150400.5.8.3 * libelf-devel-64bit-0.185-150400.5.8.3 * libdw1-64bit-0.185-150400.5.8.3 * libelf1-64bit-0.185-150400.5.8.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) *libdw-devel-0.185-150400.5.8.3 * libdebuginfod-dummy-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3 * debuginfod-dummy-client-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdebuginfod1-dummy-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * openSUSE Leap 15.6 (noarch) * elfutils-lang-0.185-150400.5.8.3 * openSUSE Leap 15.6 (x86_64) * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * libasm1-32bit-0.185-150400.5.8.3 * libelf-devel-32bit-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * libasm1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 *elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 *libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (noarch) * elfutils-lang-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (noarch) * elfutils-lang-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) *libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 *elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 *libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 ## References: * https://www.suse.com/security/cve/CVE-2025-1352.html * https://www.suse.com/security/cve/CVE-2025-1372.html * https://www.suse.com/security/cve/CVE-2025-1376.html * https://www.suse.com/security/cve/CVE-2025-1377.html * https://bugzilla.suse.com/show_bug.cgi?id=1237236 * https://bugzilla.suse.com/show_bug.cgi?id=1237240 * https://bugzilla.suse.com/show_bug.cgi?id=1237241 * https://bugzilla.suse.com/show_bug.cgi?id=1237242 . An openSUSE advisory addressing moderate vulnerabilities in elfutils involves updates fixing buffer overflows and DoS.. openSUSE elfutils security update, SUSE vulnerability fix, openSUSE advisory. . LinuxSecurity.com Team
* bsc#1237236 * bsc#1237240 * bsc#1237241 * bsc#1237242 . # Security update for elfutils Announcement ID: SUSE-SU-2025:4092-1 Release Date: 2025-11-24T09:09:10Z Rating: moderate References: * bsc#1237236 * bsc#1237240 * bsc#1237241 * bsc#1237242 Cross-References: * CVE-2025-1352 * CVE-2025-1372 * CVE-2025-1376 * CVE-2025-1377 CVSS scores: * CVE-2025-1352 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1352 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1352 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1352 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1352 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1372 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1372 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1372 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1372 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1372 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-1376 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1376 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1376 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1376 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-1376 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1377 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1377 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1377 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1377 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1377 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Retail Branch Server 4.3 LTS * SUSE ManagerServer 4.3 * SUSE Manager Server 4.3 LTS An update that solves four vulnerabilities can now be installed. ## Description: This update for elfutils fixes the following issues: * Fixing build/testsuite for more recent glibc and kernels. * Fixing denial of service and general buffer overflow errors (bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242): * CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip * CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip * CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf * CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf * Fixing testsuite race conditions in run-debuginfod-find.sh. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4092=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4092=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-4092=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4092=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4092=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4092=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4092=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4092=1 *SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4092=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4092=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-4092=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4092=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4092=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4092=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4092=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4092=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4092=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Manager Proxy 4.3 LTS (x86_64) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * SUSE Manager Proxy 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 *libelf1-32bit-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Manager Server 4.3 LTS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * openSUSE Leap 15.4(aarch64 ppc64le s390x x86_64 i586) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod-dummy-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3 * debuginfod-dummy-client-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdebuginfod1-dummy-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * openSUSE Leap 15.4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * openSUSE Leap 15.4 (x86_64) * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * libasm1-32bit-0.185-150400.5.8.3 * libelf-devel-32bit-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * libasm1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * openSUSE Leap 15.4 (aarch64_ilp32) * libasm1-64bit-debuginfo-0.185-150400.5.8.3 * libdw1-64bit-debuginfo-0.185-150400.5.8.3 * libasm1-64bit-0.185-150400.5.8.3 * libelf1-64bit-debuginfo-0.185-150400.5.8.3 * libelf-devel-64bit-0.185-150400.5.8.3 * libdw1-64bit-0.185-150400.5.8.3 * libelf1-64bit-0.185-150400.5.8.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libdw-devel-0.185-150400.5.8.3 * libdebuginfod-dummy-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * debuginfod-dummy-client-debuginfo-0.185-150400.5.8.3 * debuginfod-dummy-client-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * libelf1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-dummy-debuginfo-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libdebuginfod1-dummy-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * openSUSE Leap 15.6 (noarch) * elfutils-lang-0.185-150400.5.8.3 * openSUSE Leap 15.6 (x86_64) * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * libasm1-32bit-0.185-150400.5.8.3 * libelf-devel-32bit-0.185-150400.5.8.3 * libelf1-32bit-0.185-150400.5.8.3 * libasm1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 *libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * libasm1-debuginfo-0.185-150400.5.8.3 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 *elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (noarch) * elfutils-lang-0.185-150400.5.8.3 * Basesystem Module 15-SP6 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (noarch) * elfutils-lang-0.185-150400.5.8.3 * Basesystem Module 15-SP7 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) *elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 *libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 *SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 * libdw1-debuginfo-0.185-150400.5.8.3 * libdebuginfod-devel-0.185-150400.5.8.2 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libelf1-0.185-150400.5.8.3 * libasm-devel-0.185-150400.5.8.3 * elfutils-debuginfod-0.185-150400.5.8.2 * elfutils-debuginfod-debugsource-0.185-150400.5.8.2 * libdw-devel-0.185-150400.5.8.3 * libdebuginfod1-debuginfo-0.185-150400.5.8.2 * elfutils-0.185-150400.5.8.3 * libasm1-0.185-150400.5.8.3 * libdebuginfod1-0.185-150400.5.8.2 * libelf-devel-0.185-150400.5.8.3 * libelf1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-0.185-150400.5.8.2 * elfutils-debuginfod-debuginfo-0.185-150400.5.8.2 * libasm1-debuginfo-0.185-150400.5.8.3 * debuginfod-client-debuginfo-0.185-150400.5.8.2 * elfutils-debugsource-0.185-150400.5.8.3 * libdw1-0.185-150400.5.8.3 *libdw1-debuginfo-0.185-150400.5.8.3 * elfutils-debuginfo-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * elfutils-lang-0.185-150400.5.8.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libelf1-32bit-0.185-150400.5.8.3 * libdw1-32bit-debuginfo-0.185-150400.5.8.3 * libdw1-32bit-0.185-150400.5.8.3 * libelf1-32bit-debuginfo-0.185-150400.5.8.3 ## References: * https://www.suse.com/security/cve/CVE-2025-1352.html * https://www.suse.com/security/cve/CVE-2025-1372.html * https://www.suse.com/security/cve/CVE-2025-1376.html * https://www.suse.com/security/cve/CVE-2025-1377.html * https://bugzilla.suse.com/show_bug.cgi?id=1237236 * https://bugzilla.suse.com/show_bug.cgi?id=1237240 * https://bugzilla.suse.com/show_bug.cgi?id=1237241 * https://bugzilla.suse.com/show_bug.cgi?id=1237242 . This update addresses moderate security issues in elfutils, including denial of service and buffer overflow vulnerabilities.. elfutils security patch, SUSE elfutils update, Linux security advisory. . LinuxSecurity.com Team
elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. (CVE-2024-25260) GNU elfutils eu-readelf readelf.c print_string_section buffer overflow. (CVE-2025-1372) GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service. . MGASA-2025-0119 - Updated elfutils packages fix security vulnerabilities Publication date: 31 Mar 2025 URL: https://advisories.mageia.org/MGASA-2025-0119.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-25260, CVE-2025-1372, CVE-2025-1377 elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. (CVE-2024-25260) GNU elfutils eu-readelf readelf.c print_string_section buffer overflow. (CVE-2025-1372) GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service. (CVE-2025-1377) References: - https://bugs.mageia.org/show_bug.cgi?id=34134 - https://ubuntu.com/security/notices/USN-7369-1 - https://www.cve.org/CVERecord?id=CVE-2024-25260 - https://www.cve.org/CVERecord?id=CVE-2025-1372 - https://www.cve.org/CVERecord?id=CVE-2025-1377 SRPMS: - 9/core/elfutils-0.189-1.1.mga9 . elfutils updates for Mageia address critical NULL pointer dereference and DoS issues. Stay secure with timely patches.. elfutils, contain, pointer, dereference, handle_verdef(), functio. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in elfutils.. ========================================================================== Ubuntu Security Notice USN-7369-1 March 24, 2025 elfutils vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in elfutils. Software Description: - elfutils: collection of utilities to handle ELF objects Details: It was discovered that readelf from elfutils could be made to read out of bounds. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-25260) It was discovered that readelf from elfutils could be made to write out of bounds. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-1365) It was discovered that readelf from elfutils could be made to dereference invalid memory. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-1371) It was discovered that readelf from elfutils could be made to dereference invalid memory. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service. (CVE-2025-1372) It was discovered that strip from elfutils could be made to dereference invalid memory. If a user or automated system were tricked into running strip on aspecially crafted file, an attacker could cause strip to crash, resulting in a denial of service. (CVE-2025-1377) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 elfutils 0.191-2ubuntu0.1 Ubuntu 24.04 LTS elfutils 0.190-1.1ubuntu0.1 Ubuntu 22.04 LTS elfutils 0.186-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7369-1 CVE-2024-25260, CVE-2025-1365, CVE-2025-1371, CVE-2025-1372, CVE-2025-1377 Package Information: https://launchpad.net/ubuntu/+source/elfutils/0.191-2ubuntu0.1 https://launchpad.net/ubuntu/+source/elfutils/0.190-1.1ubuntu0.1 https://launchpad.net/ubuntu/+source/elfutils/0.186-1ubuntu0.1 . Security updates for elfutils fixed critical issues affecting Ubuntu 22.04 LTS and later versions, including a DoS risk.. security, elfutils, ====================================================. . Severity: Critical. LinuxSecurity.com Team
An issue has been found in elfutils, a collection of utilities to handle ELF objects. Due to missing bound checks and reachable asserts, an attacker can . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3579-1
Several security issues were fixed in elfutils.. ========================================================================== Ubuntu Security Notice USN-6322-1 August 30, 2023 elfutils vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in elfutils. Software Description: - elfutils: collection of utilities to handle ELF objects Details: It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-16062, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665) It was discovered that elfutils incorrectly handled bounds checks in certain functions when processing malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. (CVE-2020-21047, CVE-2021-33294) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: elfutils 0.176-1.1ubuntu0.1 libasm1 0.176-1.1ubuntu0.1 libdw1 0.176-1.1ubuntu0.1 libelf1 0.176-1.1ubuntu0.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): elfutils 0.170-0.4ubuntu0.1+esm1 libasm1 0.170-0.4ubuntu0.1+esm1 libdw1 0.170-0.4ubuntu0.1+esm1 libelf1 0.170-0.4ubuntu0.1+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): elfutils 0.165-3ubuntu1.2+esm1 libasm1 0.165-3ubuntu1.2+esm1 libdw1 0.165-3ubuntu1.2+esm1 libelf10.165-3ubuntu1.2+esm1 Ubuntu 14.04 LTS (Available with Ubuntu Pro): elfutils 0.158-0ubuntu5.3+esm1 libasm1 0.158-0ubuntu5.3+esm1 libdw1 0.158-0ubuntu5.3+esm1 libelf1 0.158-0ubuntu5.3+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6322-1 CVE-2018-16062, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665, CVE-2020-21047, CVE-2021-33294 Package Information: https://launchpad.net/ubuntu/+source/elfutils/0.176-1.1ubuntu0.1 . Recent vulnerabilities in Ubuntu's LTS elfutils could lead to unauthorized resource access; users should promptly update their systems for enhanced security. Ubuntu Security Notice, elfutils, denial of service, LTS updates. . Severity: Critical. LinuxSecurity.com Team
An update that fixes 19 vulnerabilities, contains one feature is now available. . SUSE Security Update: Security update for dwarves and elfutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2614-2 Rating: moderate References: #1033084 #1033085 #1033086 #1033087 #1033088 #1033089 #1033090 #1082318 #1104264 #1106390 #1107066 #1107067 #1111973 #1112723 #1112726 #1123685 #1125007 SLE-24501 Cross-References: CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVSS scores: CVE-2017-7607 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7607 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7608 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7609 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7609 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7610 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7610 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7611 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7611 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7612 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7612 (SUSE): 3.3CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7613 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7613 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16062 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16062 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2018-16402 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16402 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16403 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16403 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18310 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18310 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18520 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18520 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18521 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18521 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7146 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7148 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7149 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7664 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7664 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7665 (NVD) : 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7665 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap Micro 5.2 ______________________________________________________________________________ An update that fixes 19 vulnerabilities, contains one feature is now available. Description: This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177 (jsc#SLE-24501): - elfclassify: New tool to analyze ELF objects. - readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. - libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. - libdwelf: Add dwelf_elf_e_machine_string. dwelf_elf_begin now only returns NULL when there is an error reading or decompressing a file. If the file is not an ELF file an ELF handle of type ELF_K_NONE is returned. - backends: Add support for C-SKY. Update to version 0.176: - build: Add new --enable-install-elfh option. Do NOT use this for system installs (it overrides glibc elf.h). - backends: riscv improved core file and return value location support. - Fixes: - CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007) Update to version 0.175: - readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. - strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. - libdwelf: New function dwelf_elf_begin. - libcpu: Recognize bpf jump variantsBPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726) Update to version 0.174: - libelf, libdw and all tools now handle extended shnum and shstrndx correctly. - elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits (suid) on rewrite. - strip: Handle mixed (out of order) allocated/non-allocated sections. - unstrip: Handle SHT_GROUP sections. - backends: RISCV and M68K now have backend implementations to generate CFI based backtraces. - Fixes: - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf - CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067) - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) Update to version 0.173: - More fixes for crashes and hangs found by afl-fuzz. In particular various functions now detect and break infinite loops caused by bad DIE tree cycles. - readelf: Will now lookup the size and signedness of constant value types to display them correctly (and not just how they were encoded). - libdw: New function dwarf_next_lines to read CU-less .debug_line data. dwarf_begin_elf now accepts ELF files containing just .debug_line or .debug_frame sections (which can be read without needing a DIE tree from the .debug_info section). Removed dwarf_getscn_info, which was never implemented. - backends: Handle BPF simple relocations. The RISCV backends now handles ABI specific CFI and knows about RISCV register types and names. Update to version 0.172: - Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data. Thanks to running the afl fuzzer on eu-readelf and various testcases. Update to version 0.171: - DWARF5 and split dwarf, including GNU DebugFission, are supported now. Data can be read from the new DWARF sections .debug_addr, .debug_line_str, .debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new DWARF5 and GNU DebugFission encodings of the existing .debug sections. Also in split DWARF .dwo (DWARF object) files. This support is mostly handled by existing functions (dwarf_getlocation*, dwarf_getsrclines, dwarf_ranges, dwarf_form*, etc.) now returning the data from the new sections and data formats. But some new functions have been added to more easily get information about skeleton and split compile units (dwarf_get_units and dwarf_cu_info), handle new attribute data (dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies that might come from different sections or files (dwarf_die_addr_die). - Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary) files, the .debug_names index, the .debug_cu_index and .debug_tu_index sections. Only a single .debug_info (and .debug_types) section are currently handled. - readelf: Handle all new DWARF5 sections. --debug-dump=info+ will show split unit DIEs when found. --dwarf-skeleton can be used when inspecting a .dwo file. Recognizes GNU locviews with --debug-dump=loc. - libdw: New functions dwarf_die_addr_die, dwarf_get_units, dwarf_getabbrevattr_data and dwarf_cu_info. libdw will now try to resolve the alt file on first use of an alt attribute FORM when not set yet with dwarf_set_alt. dwarf_aggregate_size() now works with multi-dimensional arrays. - libdwfl: Use process_vm_readv when available instead of ptrace. backends: Add a RISC-V backend. There were various improvements to build on Windows. The sha1 and md5 implementations have been removed, they weren't used. Update to version 0.170: - libdw: Added new DWARF5 attribute, tag, character encoding, language code, calling convention, defaulted member function and macro constants to dwarf.h. New functions dwarf_default_lower_bound and dwarf_line_file. dwarf_peel_type now handles DWARF5 immutable, packed and shared tags. dwarf_getmacros now handles DWARF5 .debug_macro sections. - strip: Add -R, --remove-section=SECTION and --keep-section=SECTION. - backends: The bpf disassembler is now always build on all platforms. Update to version 0.169: - backends: Add support for EM_PPC64 GNU_ATTRIBUTES. Frame pointer unwinding fallback support for i386, x86_64, aarch64. - translations: Update Polish translation. - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088) - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084) - CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085) - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090) - CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089) - Don't make elfutils recommend elfutils-lang as elfutils-lang already supplements elfutils. dwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installationmethods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2614=1 Package List: - openSUSE Leap Micro 5.2 (aarch64 x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 References: https://www.suse.com/security/cve/CVE-2017-7607.html https://www.suse.com/security/cve/CVE-2017-7608.html https://www.suse.com/security/cve/CVE-2017-7609.html https://www.suse.com/security/cve/CVE-2017-7610.html https://www.suse.com/security/cve/CVE-2017-7611.html https://www.suse.com/security/cve/CVE-2017-7612.html https://www.suse.com/security/cve/CVE-2017-7613.html https://www.suse.com/security/cve/CVE-2018-16062.html https://www.suse.com/security/cve/CVE-2018-16402.html https://www.suse.com/security/cve/CVE-2018-16403.html https://www.suse.com/security/cve/CVE-2018-18310.html https://www.suse.com/security/cve/CVE-2018-18520.html https://www.suse.com/security/cve/CVE-2018-18521.html https://www.suse.com/security/cve/CVE-2019-7146.html https://www.suse.com/security/cve/CVE-2019-7148.html https://www.suse.com/security/cve/CVE-2019-7149.html https://www.suse.com/security/cve/CVE-2019-7150.html https://www.suse.com/security/cve/CVE-2019-7664.html https://www.suse.com/security/cve/CVE-2019-7665.html https://bugzilla.suse.com/1033084 https://bugzilla.suse.com/1033085 https://bugzilla.suse.com/1033086 https://bugzilla.suse.com/1033087 https://bugzilla.suse.com/1033088 https://bugzilla.suse.com/1033089 https://bugzilla.suse.com/1033090 https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1104264 https://bugzilla.suse.com/1106390 https://bugzilla.suse.com/1107066 https://bugzilla.suse.com/1107067 https://bugzilla.suse.com/1111973 https://bugzilla.suse.com/1112723 https://bugzilla.suse.com/1112726 https://bugzilla.suse.com/1123685 https://bugzilla.suse.com/1125007 . The latest patch for dwarf utilities and elfutils addresses 19 moderate-severity vulnerabilities, enhancing the overall security posture of openSUSE.. openSUSE Update, moderate Security Advisory, elfutils issues, dwarves support. . LinuxSecurity.com Team
An update that fixes 19 vulnerabilities, contains one feature is now available. . SUSE Security Update: Security update for dwarves and elfutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2614-1 Rating: moderate References: #1033084 #1033085 #1033086 #1033087 #1033088 #1033089 #1033090 #1082318 #1104264 #1106390 #1107066 #1107067 #1111973 #1112723 #1112726 #1123685 #1125007 SLE-24501 Cross-References: CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVSS scores: CVE-2017-7607 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7607 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7608 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7609 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7609 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7610 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7610 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7611 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7611 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7612 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7612 (SUSE): 3.3CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2017-7613 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-7613 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16062 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16062 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L CVE-2018-16402 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-16402 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-16403 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-16403 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18310 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18310 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18520 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18520 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2018-18521 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-18521 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7146 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7148 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7149 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7150 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7664 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7664 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2019-7665 (NVD) : 5.5CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-7665 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes 19 vulnerabilities, contains one feature is now available. Description: This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177 (jsc#SLE-24501): - elfclassify: New tool to analyze ELF objects. - readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. - libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias. - libdwelf: Add dwelf_elf_e_machine_string. dwelf_elf_begin now only returns NULL when there is an error reading or decompressing a file. If the file is not an ELF file an ELF handle of type ELF_K_NONE is returned. - backends: Add support for C-SKY. Update to version 0.176: - build: Add new --enable-install-elfh option. Do NOT use this for system installs (it overrides glibc elf.h). - backends: riscv improved core file and return value location support. - Fixes: - CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn dataread from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007) Update to version 0.175: - readelf: Handle mutliple .debug_macro sections. Recognize and parse GNU Property, NT_VERSION and GNU Build Attribute ELF Notes. - strip: Handle SHT_GROUP correctly. Add strip --reloc-debug-sections-only option. Handle relocations against GNU compressed sections. - libdwelf: New function dwelf_elf_begin. - libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT and BPF_JSLE. backends: RISCV handles ADD/SUB relocations. Handle SHT_X86_64_UNWIND. - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726) Update to version 0.174: - libelf, libdw and all tools now handle extended shnum and shstrndx correctly. - elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits (suid) on rewrite. - strip: Handle mixed (out of order) allocated/non-allocated sections. - unstrip: Handle SHT_GROUP sections. - backends: RISCV and M68K now have backend implementations to generate CFI based backtraces. - Fixes: - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf - CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067) - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) Update to version 0.173: - More fixes for crashes and hangs found by afl-fuzz. In particular variousfunctions now detect and break infinite loops caused by bad DIE tree cycles. - readelf: Will now lookup the size and signedness of constant value types to display them correctly (and not just how they were encoded). - libdw: New function dwarf_next_lines to read CU-less .debug_line data. dwarf_begin_elf now accepts ELF files containing just .debug_line or .debug_frame sections (which can be read without needing a DIE tree from the .debug_info section). Removed dwarf_getscn_info, which was never implemented. - backends: Handle BPF simple relocations. The RISCV backends now handles ABI specific CFI and knows about RISCV register types and names. Update to version 0.172: - Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data. Thanks to running the afl fuzzer on eu-readelf and various testcases. Update to version 0.171: - DWARF5 and split dwarf, including GNU DebugFission, are supported now. Data can be read from the new DWARF sections .debug_addr, .debug_line_str, .debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new DWARF5 and GNU DebugFission encodings of the existing .debug sections. Also in split DWARF .dwo (DWARF object) files. This support is mostly handled by existing functions (dwarf_getlocation*, dwarf_getsrclines, dwarf_ranges, dwarf_form*, etc.) now returning the data from the new sections and data formats. But some new functions have been added to more easily get information about skeleton and split compile units (dwarf_get_units and dwarf_cu_info), handle new attribute data (dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies that might come from different sections or files (dwarf_die_addr_die). - Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary) files, the .debug_names index, the .debug_cu_index and .debug_tu_index sections. Only a single .debug_info (and .debug_types) section arecurrently handled. - readelf: Handle all new DWARF5 sections. --debug-dump=info+ will show split unit DIEs when found. --dwarf-skeleton can be used when inspecting a .dwo file. Recognizes GNU locviews with --debug-dump=loc. - libdw: New functions dwarf_die_addr_die, dwarf_get_units, dwarf_getabbrevattr_data and dwarf_cu_info. libdw will now try to resolve the alt file on first use of an alt attribute FORM when not set yet with dwarf_set_alt. dwarf_aggregate_size() now works with multi-dimensional arrays. - libdwfl: Use process_vm_readv when available instead of ptrace. backends: Add a RISC-V backend. There were various improvements to build on Windows. The sha1 and md5 implementations have been removed, they weren't used. Update to version 0.170: - libdw: Added new DWARF5 attribute, tag, character encoding, language code, calling convention, defaulted member function and macro constants to dwarf.h. New functions dwarf_default_lower_bound and dwarf_line_file. dwarf_peel_type now handles DWARF5 immutable, packed and shared tags. dwarf_getmacros now handles DWARF5 .debug_macro sections. - strip: Add -R, --remove-section=SECTION and --keep-section=SECTION. - backends: The bpf disassembler is now always build on all platforms. Update to version 0.169: - backends: Add support for EM_PPC64 GNU_ATTRIBUTES. Frame pointer unwinding fallback support for i386, x86_64, aarch64. - translations: Update Polish translation. - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088) - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084) - CVE-2017-7608: heap-based buffer overflow inebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085) - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090) - CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089) - Don't make elfutils recommend elfutils-lang as elfutils-lang already supplements elfutils. dwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2614=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2614=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2614=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2614=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm-devel-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw-devel-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-devel-0.177-150300.11.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf-devel-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - openSUSE Leap 15.3 (x86_64): libasm1-32bit-0.177-150300.11.3.1 libasm1-32bit-debuginfo-0.177-150300.11.3.1 libdw1-32bit-0.177-150300.11.3.1 libdw1-32bit-debuginfo-0.177-150300.11.3.1 libdwarves-devel-32bit-1.22-150300.7.3.1 libdwarves1-32bit-1.22-150300.7.3.1 libdwarves1-32bit-debuginfo-1.22-150300.7.3.1 libebl-plugins-32bit-0.177-150300.11.3.1 libebl-plugins-32bit-debuginfo-0.177-150300.11.3.1 libelf-devel-32bit-0.177-150300.11.3.1 libelf1-32bit-0.177-150300.11.3.1 libelf1-32bit-debuginfo-0.177-150300.11.3.1 - openSUSE Leap 15.3 (noarch): elfutils-lang-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm-devel-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw-devel-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-devel-0.177-150300.11.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf-devel-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch): elfutils-lang-0.177-150300.11.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64): libdw1-32bit-0.177-150300.11.3.1 libdw1-32bit-debuginfo-0.177-150300.11.3.1 libdwarves-devel-32bit-1.22-150300.7.3.1 libdwarves1-32bit-1.22-150300.7.3.1 libdwarves1-32bit-debuginfo-1.22-150300.7.3.1 libebl-plugins-32bit-0.177-150300.11.3.1 libebl-plugins-32bit-debuginfo-0.177-150300.11.3.1 libelf1-32bit-0.177-150300.11.3.1 libelf1-32bit-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): dwarves-1.22-150300.7.3.1 dwarves-debuginfo-1.22-150300.7.3.1 dwarves-debugsource-1.22-150300.7.3.1 elfutils-0.177-150300.11.3.1 elfutils-debuginfo-0.177-150300.11.3.1 elfutils-debugsource-0.177-150300.11.3.1 libasm1-0.177-150300.11.3.1 libasm1-debuginfo-0.177-150300.11.3.1 libdw1-0.177-150300.11.3.1 libdw1-debuginfo-0.177-150300.11.3.1 libdwarves-devel-1.22-150300.7.3.1 libdwarves1-1.22-150300.7.3.1 libdwarves1-debuginfo-1.22-150300.7.3.1 libebl-plugins-0.177-150300.11.3.1 libebl-plugins-debuginfo-0.177-150300.11.3.1 libelf1-0.177-150300.11.3.1 libelf1-debuginfo-0.177-150300.11.3.1 References: https://www.suse.com/security/cve/CVE-2017-7607.html https://www.suse.com/security/cve/CVE-2017-7608.html https://www.suse.com/security/cve/CVE-2017-7609.html https://www.suse.com/security/cve/CVE-2017-7610.html https://www.suse.com/security/cve/CVE-2017-7611.html https://www.suse.com/security/cve/CVE-2017-7612.html https://www.suse.com/security/cve/CVE-2017-7613.html https://www.suse.com/security/cve/CVE-2018-16062.html https://www.suse.com/security/cve/CVE-2018-16402.html https://www.suse.com/security/cve/CVE-2018-16403.html https://www.suse.com/security/cve/CVE-2018-18310.html https://www.suse.com/security/cve/CVE-2018-18520.html https://www.suse.com/security/cve/CVE-2018-18521.html https://www.suse.com/security/cve/CVE-2019-7146.html https://www.suse.com/security/cve/CVE-2019-7148.html https://www.suse.com/security/cve/CVE-2019-7149.html https://www.suse.com/security/cve/CVE-2019-7150.html https://www.suse.com/security/cve/CVE-2019-7664.html https://www.suse.com/security/cve/CVE-2019-7665.html https://bugzilla.suse.com/1033084 https://bugzilla.suse.com/1033085 https://bugzilla.suse.com/1033086 https://bugzilla.suse.com/1033087 https://bugzilla.suse.com/1033088 https://bugzilla.suse.com/1033089 https://bugzilla.suse.com/1033090 https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1104264 https://bugzilla.suse.com/1106390 https://bugzilla.suse.com/1107066 https://bugzilla.suse.com/1107067 https://bugzilla.suse.com/1111973 https://bugzilla.suse.com/1112723 https://bugzilla.suse.com/1112726 https://bugzilla.suse.com/1123685 https://bugzilla.suse.com/1125007 . Oracle releases a patch to address various security flaws in Liberty and JBoss, improving infrastructure reliability.. SUSE Security Update,dwarves patch,elfutils vulnerabilities,security update. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.