QwikSec

Security Database

CVE

CWE

Training

CVE-2025-0395

Published: Jan 22, 2025

Modified: May 12, 2026

PUBLISHED

Description

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

Vendor	Product	Versions
The GNU C Library	glibc	affected `2.13 - <= 2.40`

Weaknesses (CWE)

References

https://www.openwall.com/lists/oss-security/2025/01/22/4

https://sourceware.org/bugzilla/show_bug.cgi?id=32582

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001

https://sourceware.org/pipermail/libc-announce/2025/000044.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.