A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/13xxx/CVE-2025-13654.json",
"cna_assigner": "certcc"
}{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"cpe": "cpe:2.3:a:zevv:duc:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.4.6"
}
]
}"2026-07-09T17:43:26Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13654.json"
[
{
"id": "CVE-2025-13654-76742b19",
"digest": {
"line_hashes": [
"39289255876773731139160369832676406208",
"163409178817594712516717372038319009126",
"233980186272540327680530445336009202524",
"232792614342879378378783240625819822636"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/zevv/duc/commit/8638c4365ffd9e1966bdef8af6339dbee8c17e66",
"deprecated": false,
"target": {
"file": "src/libduc/buffer.c"
}
},
{
"id": "CVE-2025-13654-86865cd4",
"digest": {
"function_hash": "202953349293003004385644582668182201625",
"length": 243.0
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/zevv/duc/commit/8638c4365ffd9e1966bdef8af6339dbee8c17e66",
"deprecated": false,
"target": {
"function": "buffer_get",
"file": "src/libduc/buffer.c"
}
}
]