AZL-55965

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55965.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-55965

Upstream

CVE-2025-0395

Published

2025-01-22T13:15:20Z

Modified

2026-04-21T04:36:02.552192Z

Summary

CVE-2025-0395 affecting package glibc for versions less than 2.38-11

Details

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0395

Affected packages

Azure Linux:3 / glibc

Package

Name: glibc
Purl: pkg:rpm/azure-linux/glibc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.38-11

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55965.json"