5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-1365

GHSA ID

GHSA-h2c8-cfp8-j597

EPSS Score

0.08404%

CWE

CWE-119

Published

2/17/2025

Updated

2/17/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-1365

CVE-2025-1365: A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects...

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-1365

CVE-2025-1365:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-1365

GHSA ID

GHSA-h2c8-cfp8-j597

EPSS Score

0.08404%

CWE

CWE-119

Published

2/17/2025

Updated

2/17/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerable function process_symtab in readelf.c was identified directly from the vulnerability description. The description states that manipulation of the 'D/a' argument leads to a buffer overflow within this function. Due to the inability to fetch the actual commit diff (patch identifier 5e5c0394d82c53e97750fe7b18023e6f84157b81), the confidence is 'medium' as the analysis relies solely on the textual description rather than direct code inspection of the patch. The component is 'eu-readelf'..

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-1365: A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects...

CVE-2025-1365:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2025-1365: A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects...

5.3

5.3

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI