CVE-2025-1352

5.0 MEDIUM

A vulnerability has been found in GNU elfutils 0.192 and classified as critical

Published: 2025-02-16 · Last updated: 2026-06-02

Severity and scoring

CVSS: 5.0 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CWE: CWE-119

Affected products

Vendor	Product
elfutils_project	elfutils

Description

A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2025-1352
[Other]https://sourceware.org/bugzilla/attachment.cgi?id=15923
[Exploit reference]https://sourceware.org/bugzilla/show_bug.cgi?id=32650
[Other]https://sourceware.org/bugzilla/show_bug.cgi?id=32650#c2
[Other]https://vuldb.com/?ctiid.295960
[Other]https://vuldb.com/?id.295960
[Other]https://vuldb.com/?submit.495965
[Other]https://www.gnu.org/
[Other]https://cert-portal.siemens.com/productcert/html/ssa-253495.html

Related CVEs

Same vendor

CVE-2025-1376 — A vulnerability classified as problematic was found in GNU elfutils 0.192 (2.5 LOW)

Same CWE

CVE-2026-0409 — A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Intern...
CVE-2026-11623 — A security vulnerability has been detected in tmux up to 3.6a (4.5 MEDIUM)
CVE-2026-11557 — A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9 (8.8 HIGH)
CVE-2026-11553 — A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon (8.8 HIGH)
CVE-2026-11528 — A vulnerability was found in Tenda AC18 15.03.05.05 (8.8 HIGH)