CVE-2025-0395

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-0395

Severity

Unknown

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0395
https://github.com/advisories/GHSA-4xpw-6594-8f5m
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001
https://security.netapp.com/advisory/ntap-20250228-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=32582
https://sourceware.org/pipermail/libc-announce/2025/000044.html
https://www.openwall.com/lists/oss-security/2025/01/22/4
http://www.openwall.com/lists/oss-security/2025/01/22/4
http://www.openwall.com/lists/oss-security/2025/01/23/2
http://www.openwall.com/lists/oss-security/2025/04/13/1
http://www.openwall.com/lists/oss-security/2025/04/24/7
https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-0395

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company