[PATCH 0/2] Fix CVE-2025-0395
Siddhesh Poyarekar
siddhesh@sourceware.org
Wed Jan 22 13:09:22 GMT 2025
This was reported by Qualys (thank you!) to the glibc CNA and we
concluded that it does not really need a coordinated disclosure.
Tested on x86_64. I'll adjust the final commit ID in the advisory text
when I commit, so 2/2 will likely change slightly.
Siddhesh Poyarekar (2):
Fix underallocation of abort_msg_s struct (CVE-2025-0395)
Add advisory text for CVE-2025-0395
advisories/GLIBC-SA-2025-0001 | 23 +++++++++++++++++++++++
assert/assert.c | 4 +++-
sysdeps/posix/libc_fatal.c | 4 +++-
3 files changed, 29 insertions(+), 2 deletions(-)
create mode 100644 advisories/GLIBC-SA-2025-0001
--
2.47.1
More information about the Libc-alpha
mailing list