CVE-2025-1352

CVSS 3.1 Score 5 of 10 (medium)

Details

Published Feb 16, 2025

CWE ID 119

Summary

CVE-2025-1352 is a critical vulnerability affecting the GNU elfutils 0.192. The issue lies in the function __libdw_thread_tail of the library libdw_alloc in the eu-readelf component. Manipulation of the argument w results in memory corruption, enabling remote attacks. The complexity and difficulty of exploitation are relatively high, but the exploit has been made public. To mitigate this issue, it is advised to apply the patch with the name 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3ZMyff
https://www.cve.org/CVERecord?id=CVE-2025-1352
https://nvd.nist.gov/vuln/detail/CVE-2025-1352

Back to Vulnerability Database

CVE-2025-1352

CVSS 3.1 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations