Description
Security update for elfutils
This update for elfutils fixes the following issues:
- Fixing build/testsuite for more recent glibc and kernels.
- Fixing denial of service and general buffer overflow errors (bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242):
  - CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip
  - CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip
  - CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf
  - CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf
- Fixing testsuite race conditions in run-debuginfod-find.sh.
Package list
Container bci/bci-minimal:15.6
Container bci/bci-minimal:latest
Container bci/bci-sle15-kernel-module-devel:15.6
Container bci/bci-sle15-kernel-module-devel:latest
Container bci/spack:0.23
Container bci/spack:latest
Container containers/open-webui:0
Container containers/pytorch:2-nvidia
Container suse/389-ds:latest
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container suse/kiosk/firefox-esr:latest
Container suse/kiosk/pulseaudio:latest
Container suse/kiosk/xorg:latest
Container suse/manager/4.3/proxy-httpd:latest
Container suse/manager/4.3/proxy-salt-broker:latest
Container suse/sle-micro-rancher/5.3:latest
Container suse/sle-micro-rancher/5.4:latest
Container suse/sle-micro/5.3/toolbox:latest
Container suse/sle-micro/5.4/toolbox:latest
Container suse/sle-micro/5.5/toolbox:latest
Container suse/sle-micro/5.5:latest
Container suse/sle-micro/base-5.5:latest
Container suse/sle-micro/kvm-5.5:latest
Container suse/sle-micro/rt-5.5:latest
Container suse/sle15:15.6
Container suse/sle15:latest
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Micro 5.4
SUSE Linux Enterprise Micro 5.5
SUSE Linux Enterprise Module for Basesystem 15 SP6
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Server 15 SP4-LTSS
SUSE Linux Enterprise Server 15 SP5-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Manager Proxy LTS 4.3
SUSE Manager Server LTS 4.3
openSUSE Leap 15.6
References
- Link for SUSE-SU-2025:4092-1
- E-Mail link for SUSE-SU-2025:4092-1
- SUSE Security Ratings
- SUSE Bug 1237236
- SUSE Bug 1237240
- SUSE Bug 1237241
- SUSE Bug 1237242
- SUSE CVE CVE-2025-1352 page
- SUSE CVE CVE-2025-1372 page
- SUSE CVE CVE-2025-1376 page
- SUSE CVE CVE-2025-1377 page
Description
A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.
Affected products
References
- CVE-2025-1352
- SUSE Bug 1237236
Description
A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue.
Affected products
References
- CVE-2025-1372
- SUSE Bug 1237240
Description
A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue.
Affected products
References
- CVE-2025-1376
- SUSE Bug 1237241
Description
A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue.
Affected products
References
- CVE-2025-1377
- SUSE Bug 1237242