• Advisory ID (KylinSec-SA-2025-1266)

Summary:

elfutils security update

Severity: Medium

Advisory ID: KylinSec-SA-2025-1266

Release date: February 21, 2025

Related CVEs: CVE-2025-1352, CVE-2025-1365, CVE-2025-1371, CVE-2025-1372, CVE-2025-1376, CVE-2025-1377

  • Details

1. Vulnerability description

   

Elfutils is a collection of utilities, including stack (to show
backtraces), nm (for listing symbols from object files), size
(for listing the section sizes of an object or archive file),
strip (for discarding symbols), readelf (to see the raw ELF file
structures), elflint (to check for well-formed ELF files) and
elfcompress (to compress or decompress ELF sections).
Also included are helper libraries which implement DWARF, ELF,
and machine-specific ELF handling and process introspection.
It also provides a DSO which allows reading and
writing ELF files on a high level. Third party programs depend on
this package to read internals of ELF files.
Yama sysctl setting to enable default attach scope settings
enabling programs to use ptrace attach, access to
/proc/PID/{mem,personality,stack,syscall}, and the syscalls
process_vm_readv and process_vm_writev which are used for
interprocess services, communication and introspection
(like synchronisation, signaling, debugging, tracing and
profiling) of processes.

Security Fix(es):

A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue. (CVE-2025-1352)

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue. (CVE-2025-1365)

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. (CVE-2025-1371)

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue. (CVE-2025-1372)

A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. (CVE-2025-1376)

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. (CVE-2025-1377)

2. Affected scope

CVE            Product  Component  Affected status
CVE-2025-1352  V6       elfutils   Fixed
CVE-2025-1365  V6       elfutils   Fixed
CVE-2025-1371  V6       elfutils   Fixed
CVE-2025-1372  V6       elfutils   Fixed
CVE-2025-1376  V6       elfutils   Fixed
CVE-2025-1377  V6       elfutils   Fixed

3. Affected components

    elfutils

4. Fixed versions

   

V6

Package                      Architecture  Version
elfutils-default-yama-scope  noarch        0.190-8.ks6
elfutils                     x86_64        0.190-8.ks6
elfutils-devel               x86_64        0.190-8.ks6
elfutils-extra               x86_64        0.190-8.ks6
elfutils-help                x86_64        0.190-8.ks6
elfutils-libelf              x86_64        0.190-8.ks6
elfutils-libelf-devel        x86_64        0.190-8.ks6
elfutils-libs                x86_64        0.190-8.ks6
elfutils                     aarch64       0.190-8.ks6
elfutils-devel               aarch64       0.190-8.ks6
elfutils-extra               aarch64       0.190-8.ks6
elfutils-help                aarch64       0.190-8.ks6
elfutils-libelf              aarch64       0.190-8.ks6
elfutils-libelf-devel        aarch64       0.190-8.ks6
elfutils-libs                aarch64       0.190-8.ks6

5. Remediation


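Method 1: Download the packages and upgrade manually
1. Download the required upgrade package from the download links and save it, e.g. xxx.rpm
2. Upgrade with the rpm command, e.g. rpm -Uvh xxx.rpm

Method 2: Upgrade from the software repository
1. Make sure the system can reach the Internet
2. Upgrade the specified package with the yum command, e.g. yum install <package name>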
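
To confirm that an upgrade by either method took effect, the installed elfutils packages can be compared with the fixed build 0.190-8.ks6 listed in section 4. The script below is an added example, not part of the vendor advisory; the function names and the sample package list are constructed for illustration, and `sort -V` is used as an approximation of rpm's own version comparison.

```bash
#!/bin/sh
# Added example: flag elfutils packages older than the fixed build.
FIXED="0.190-8.ks6"   # version-release taken from the advisory's fix table

# ver_lt A B: succeeds when A sorts strictly before B under GNU `sort -V`
# (an approximation of rpm's comparison, adequate for these strings).
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit_elfutils: reads "name version-release" lines on stdin, prints every
# elfutils package below FIXED, and returns 1 if at least one was found.
audit_elfutils() {
    rc=0
    while read -r name vr; do
        case "$name" in
            elfutils|elfutils-*) ;;   # only packages covered by the advisory
            *) continue ;;
        esac
        if ver_lt "$vr" "$FIXED"; then
            echo "VULNERABLE $name $vr (< $FIXED)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample inventory (not output from a real host).
SAMPLE='elfutils 0.190-7.ks6
elfutils-libelf 0.190-8.ks6
elfutils-libs 0.190-5.ks6
elfutils-devel 0.190-10.ks6
bash 5.2.15-9.ks6'

printf '%s\n' "$SAMPLE" | audit_elfutils || true

# On a live system, feed the real inventory instead:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'elfutils*' | audit_elfutils
```

A non-zero return from `audit_elfutils` means at least one package still needs the upgrade.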

6. Download links

   

V6:

x86_64:

     elfutils-default-yama-scope   

     elfutils   

     elfutils-devel   

     elfutils-extra   

     elfutils-help   

     elfutils-libelf   

     elfutils-libelf-devel   

     elfutils-libs   

aarch64:

     elfutils-default-yama-scope   

     elfutils   

     elfutils-devel   

     elfutils-extra   

     elfutils-help   

     elfutils-libelf   

     elfutils-libelf-devel   

     elfutils-libs   
