Published: 17/02/2025 Updated: 17/02/2025

Local Buffer Overflow Vulnerability in GNU elfutils 0.192 Readelf Component

A critical vulnerability has been discovered in GNU elfutils version 0.192. The issue exists in the dump_data_section/print_string_section function within the readelf.c file of the eu-readelf component. By manipulating the z/x argument, an attacker can trigger a buffer overflow vulnerability. This security flaw requires a local attack approach. The vulnerability details have been made public, and an exploit may potentially be used. The patch for addressing this security issue is identified by the commit hash 73db9d2021cab9e23fd734b0a76a612d52a6f1db. Users are strongly advised to apply the available patch to mitigate the risk.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu elfutils

CWE-119 CWE-120 https://nvd.nist.gov https://www.first.org/epss https://sourceware.org/bugzilla/attachment.cgi?id=15927 https://sourceware.org/bugzilla/show_bug.cgi?id=32656 https://sourceware.org/bugzilla/show_bug.cgi?id=32656#c3 https://sourceware.org/bugzilla/show_bug.cgi?id=32657 https://vuldb.com/?ctiid.295981 https://vuldb.com/?id.295981 https://vuldb.com/?submit.496485 https://www.gnu.org/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2025-1372

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect