[PATCH 2/2] Add advisory text for CVE-2025-0395
Siddhesh Poyarekar
siddhesh@sourceware.org
Wed Jan 22 13:09:24 GMT 2025
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
---
Note: Fix-Commit may change depending on the actual commit that fixes
this.
advisories/GLIBC-SA-2025-0001 | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 advisories/GLIBC-SA-2025-0001
diff --git a/advisories/GLIBC-SA-2025-0001 b/advisories/GLIBC-SA-2025-0001
new file mode 100644
index 0000000000..4624c06469
--- /dev/null
+++ b/advisories/GLIBC-SA-2025-0001
@@ -0,0 +1,23 @@
+assert: Buffer overflow when printing assertion failure message
+
+When the assert() function fails, it does not allocate enough space for the
+assertion failure message string and size information, which may lead to a
+buffer overflow if the message string size aligns to page size.
+
+This bug can be triggered when an assertion in a program fails. The assertion
+failure message typically includes, in addition to the invariant assertion
+string and function name, the name of the program. If the name of the failing
+program is user controlled, for example on a local system, this could allow an
+attacker to control the assertion failure to trigger this buffer overflow.
+
+The only viable vector for exploitation of this bug is local, if a setuid
+program exists that has an existing bug that results in an assertion failure.
+No such program has been discovered at the time of publishing this advisory,
+but the presence of custom setuid programs, although strongly discouraged as a
+security practice, cannot be discounted.
+
+CVE-Id: CVE-2025-0395
+Public-Date: 2025-01-22
+Vulnerable-Commit: f8a3b5bf8fa1d0c43d2458e03cc109a04fdef194 (2.13-175)
+Fix-Commit: 168edf9cb20474a95e3fdf85daf03e57a14d4c91 (2.41)
+Reported-By: Qualys Security Advisory
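Review bot: the Fix-Commit line (168edf9cb20474a95e3fdf85daf03e57a14d4c91, 2.41) is flagged in the cover note as provisional, so this file should not be pushed until the hash is confirmed to be the commit that actually lands the fix; an advisory with a stale Fix-Commit misleads anyone checking whether a given glibc build is patched. While revising, consider making the trigger condition in the first paragraph more precise: "does not allocate enough space for the assertion failure message string and size information ... if the message string size aligns to page size" leaves the reader to infer that the shortfall is the size information itself, and stating that directly would help distribution maintainers assess exposure.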
--
2.47.1