CVE-2025-1372: 
CBL Mariner vulnerability analysis and mitigation

A vulnerability was found in GNU elfutils 0.192, identified as CVE-2025-1372. The issue affects the functions dumpdatasection and printstringsection in the readelf.c file of the eu-readelf component. The vulnerability was discovered on February 7, 2025, and disclosed on February 16, 2025. The affected software is GNU elfutils version 0.192 (NVD, Snyk).

The vulnerability occurs when using the -z and -x options with a specially crafted input file in eu-readelf. The manipulation of the argument z/x leads to buffer overflow when attempting to check whether a section name starts with .zdebug for unnamed numbered sections. The issue has been assigned CWE-120 (Buffer Copy without Checking Size of Input) and CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). The vulnerability has a CVSS v3.1 base score of 5.3 (MEDIUM) with vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L (Bugzilla, VulDB).

The vulnerability can lead to buffer overflow conditions when processing specially crafted input files. This could potentially result in program crashes or arbitrary code execution in a local context. The impact is considered medium severity with potential loss of confidentiality, integrity, and availability, though all at low levels (Snyk).

A patch has been released with the identifier 73db9d2021cab9e23fd734b0a76a612d52a6f1db. The fix involves adding a check to verify that a section has a name before attempting to process it for .zdebug sections. It is recommended to apply this patch to fix the issue (Bugzilla).

The elfutils maintainers have noted that while this issue has been assigned a CVE, it does not align with their security policy. They emphasize that elfutils tools are typically used in development contexts rather than production environments, and therefore such issues are treated as ordinary bugs rather than security vulnerabilities (Bugzilla).