Medium severity6.2NVD Advisory· Published Jan 22, 2025· Updated May 12, 2026
CVE-2025-0395
CVE-2025-0395
Description
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.openwall.com/lists/oss-security/2025/01/22/4nvd
- www.openwall.com/lists/oss-security/2025/01/23/2nvd
- www.openwall.com/lists/oss-security/2025/04/13/1nvd
- www.openwall.com/lists/oss-security/2025/04/24/7nvd
- cert-portal.siemens.com/productcert/html/ssa-398330.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-577017.htmlnvd
- lists.debian.org/debian-lts-announce/2025/04/msg00039.htmlnvd
- security.netapp.com/advisory/ntap-20250228-0006/nvd
- www.openwall.com/lists/oss-security/2025/01/22/4nvd
News mentions
1- Siemens Ruggedcom RoxCISA Alerts