← Retour aux CVEs
CVE-2025-0395
MEDIUM6.2
Description
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
Details CVE
Score CVSS v3.16.2
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie1/22/2025
Derniere modification2/4/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-131
References
https://sourceware.org/bugzilla/show_bug.cgi?id=32582(3ff69d7a-14f2-4f67-a097-88dee7810d18)
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001(3ff69d7a-14f2-4f67-a097-88dee7810d18)
https://sourceware.org/pipermail/libc-announce/2025/000044.html(3ff69d7a-14f2-4f67-a097-88dee7810d18)
https://www.openwall.com/lists/oss-security/2025/01/22/4(3ff69d7a-14f2-4f67-a097-88dee7810d18)
http://www.openwall.com/lists/oss-security/2025/01/22/4(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/01/23/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/04/13/1(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2025/04/24/7(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20250228-0006/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.