INFSA-2025:3828: glibc security update
Information about definition
Identificator: INFSA-2025:3828
Type: security
Release date: 2025-04-29 14:22:08 UTC
Information about package
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
Vulnerabilities description
- CVE-2025-0395
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-0395
|
no information | 5.5 | no information |
Updated packages