{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-25260", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-04-24T15:07:14.701Z", "dateReserved": "2024-02-07T00:00:00.000Z", "datePublished": "2024-02-20T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-20T17:23:39.164Z"}, "descriptions": [{"lang": "en", "value": "elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058"}, {"url": "https://github.com/schsiung/fuzzer_issues/issues/1"}, {"url": "https://sourceware.org/elfutils/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "affected": [{"vendor": "elfutils_project", "product": "elfutils", "cpes": ["cpe:2.3:a:elfutils_project:elfutils:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v0.189", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-26T17:03:37.212098Z", "id": "CVE-2024-25260", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-24T15:07:14.701Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:44:08.324Z"}, "title": "CVE Program Container", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058", "tags": ["x_transferred"]}, {"url": "https://github.com/schsiung/fuzzer_issues/issues/1", "tags": ["x_transferred"]}, {"url": "https://sourceware.org/elfutils/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058", "tags": ["x_transferred"]}, {"url": "https://github.com/schsiung/fuzzer_issues/issues/1", "tags": ["x_transferred"]}, {"url": "https://sourceware.org/elfutils/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:44:08.324Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-25260", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-26T17:03:37.212098Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:elfutils_project:elfutils:*:*:*:*:*:*:*:*"], "vendor": "elfutils_project", "product": "elfutils", "versions": [{"status": "affected", "version": "v0.189"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T17:06:07.081Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058"}, {"url": "https://github.com/schsiung/fuzzer_issues/issues/1"}, {"url": "https://sourceware.org/elfutils/"}], "descriptions": [{"lang": "en", "value": "elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-20T17:23:39.164Z"}}}, "cveMetadata": {"cveId": "CVE-2024-25260", "state": "PUBLISHED", "dateUpdated": "2025-04-24T15:07:14.701Z", "dateReserved": "2024-02-07T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-02-20T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elfutils_project:elfutils:0.189:*:*:*:*:*:*:*", "matchCriteriaId": "D9195306-8D54-4B2F-8643-C7AB0C8D9543", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c."}, {"lang": "es", "value": "Se descubri\u00f3 que elfutils v0.189 conten\u00eda una desreferencia de puntero NULL a trav\u00e9s de la funci\u00f3n handle_verdef() en readelf.c. "}], "id": "CVE-2024-25260", "lastModified": "2025-04-25T20:42:23.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-20T18:15:52.880", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/schsiung/fuzzer_issues/issues/1"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://sourceware.org/elfutils/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/schsiung/fuzzer_issues/issues/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=31058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://sourceware.org/elfutils/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c", "id": "2265194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265194"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-119", "details": ["elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.", "A NULL pointer dereference vulnerability in the elfutils library has been discovered. This vulnerability occurs within the handle_verdef() function in the readelf.c source file. A NULL pointer dereference typically happens when a program attempts to access memory using a pointer that is not pointing anywhere (i.e., it's NULL), leading to a crash or potentially exploitable behavior."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-25260", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "elfutils", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "elfutils", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "elfutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gcc-toolset-11-elfutils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "elfutils", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Will not fix", "package_name": "elfutils", "product_name": "Red Hat Virtualization 4"}], "public_date": "2024-02-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-25260\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-25260\nhttps://github.com/schsiung/fuzzer_issues/issues/1\nhttps://sourceware.org/bugzilla/show_bug.cgi?id=31058\nhttps://sourceware.org/elfutils/"], "statement": "This incident was classified as a standard bug rather than a security concern. Crashes in standalone utilities triggered by untrusted inputs typically aren't regarded as security issues since they don't lead to privilege escalation. It's important to highlight that unless eu-readelf is instrumented with AddressSanitizer, no actual crash occurs; instead, eu-readelf simply prints a random global string.", "threat_severity": "Low"}