Skip to content

CVE-2025-0395: glibc

Title

CVE-2025-0395: glibc: Buffer overflow in assert()

Summary

As discovered by Qualys and summarized by glibc upstream:

When the assert() function fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

Public disclosure date: January 22, 2025

EL9

  • Fixed in version: 2.34-125.1.el9_5.security.0.11 available January 27, 2025
  • Fixed in upstream version: 2.34-125.el9_5.8 available April 28, 2025

EL8

  • Fixed in upstream version: 2.28-251.el8_10.16 available April 14, 2025