UBUNTU-CVE-2025-8058
- Source
- https://ubuntu.com/security/CVE-2025-8058
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-8058.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-8058
- Upstream
- Downstream
- Related
- Published
- 2025-07-23T20:15:00Z
- Modified
- 2026-02-04T07:39:09.389770Z
- Severity
-
- 5.9 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.
- References
Affected packages
Ubuntu:22.04:LTS
glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.35-0ubuntu3.11?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.35-0ubuntu3.11
Affected versions
2.*
2.34-0ubuntu3
2.35-0ubuntu1
2.35-0ubuntu3
2.35-0ubuntu3.1
2.35-0ubuntu3.3
2.35-0ubuntu3.4
2.35-0ubuntu3.5
2.35-0ubuntu3.6
2.35-0ubuntu3.7
2.35-0ubuntu3.8
2.35-0ubuntu3.9
2.35-0ubuntu3.10
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "glibc-source"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc-bin"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc-devtools"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-dev-s390"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-prof"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-s390"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "locales"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "locales-all"
},
{
"binary_version": "2.35-0ubuntu3.11",
"binary_name": "nscd"
}
]
}Ubuntu:24.04:LTS
glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.39-0ubuntu8.6?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.39-0ubuntu8.6
Affected versions
2.*
2.38-1ubuntu6
2.38-3ubuntu1
2.39-0ubuntu1
2.39-0ubuntu2
2.39-0ubuntu6
2.39-0ubuntu8
2.39-0ubuntu8.1
2.39-0ubuntu8.2
2.39-0ubuntu8.3
2.39-0ubuntu8.4
2.39-0ubuntu8.5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "glibc-source"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc-bin"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc-devtools"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-dev-s390"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-s390"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "locales"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "locales-all"
},
{
"binary_version": "2.39-0ubuntu8.6",
"binary_name": "nscd"
}
]
}Ubuntu:Pro:14.04:LTS
eglibc
Package
- Name
- eglibc
- Purl
- pkg:deb/ubuntu/eglibc@2.19-0ubuntu6.15+esm4?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.17-93ubuntu4
2.18-0ubuntu1
2.18-0ubuntu2
2.18-0ubuntu4
2.18-0ubuntu5
2.18-0ubuntu6
2.18-0ubuntu7
2.19-0ubuntu2
2.19-0ubuntu3
2.19-0ubuntu4
2.19-0ubuntu5
2.19-0ubuntu6
2.19-0ubuntu6.1
2.19-0ubuntu6.3
2.19-0ubuntu6.4
2.19-0ubuntu6.5
2.19-0ubuntu6.6
2.19-0ubuntu6.7
2.19-0ubuntu6.8
2.19-0ubuntu6.9
2.19-0ubuntu6.10
2.19-0ubuntu6.11
2.19-0ubuntu6.13
2.19-0ubuntu6.14
2.19-0ubuntu6.15
2.19-0ubuntu6.15+esm1
2.19-0ubuntu6.15+esm2
2.19-0ubuntu6.15+esm3
2.19-0ubuntu6.15+esm4
Ecosystem specific
{
"binaries": [
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "eglibc-source"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc-bin"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-armel"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-dev-armel"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-pic"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-prof"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "multiarch-support"
},
{
"binary_version": "2.19-0ubuntu6.15+esm4",
"binary_name": "nscd"
}
]
}Ubuntu:Pro:16.04:LTS
glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.23-0ubuntu11.3+esm9?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.23-0ubuntu11.3+esm9
Affected versions
2.*
2.21-0ubuntu4
2.21-0ubuntu5
2.21-0ubuntu6
2.23-0ubuntu1
2.23-0ubuntu2
2.23-0ubuntu3
2.23-0ubuntu4
2.23-0ubuntu5
2.23-0ubuntu6
2.23-0ubuntu7
2.23-0ubuntu9
2.23-0ubuntu10
2.23-0ubuntu11
2.23-0ubuntu11.2
2.23-0ubuntu11.3
2.23-0ubuntu11.3+esm1
2.23-0ubuntu11.3+esm2
2.23-0ubuntu11.3+esm3
2.23-0ubuntu11.3+esm5
2.23-0ubuntu11.3+esm6
2.23-0ubuntu11.3+esm7
2.23-0ubuntu11.3+esm8
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "glibc-source"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc-bin"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-armel"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev-armel"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev-s390"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-pic"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-s390"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "locales"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "locales-all"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "multiarch-support"
},
{
"binary_version": "2.23-0ubuntu11.3+esm9",
"binary_name": "nscd"
}
]
}Ubuntu:Pro:18.04:LTS
glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.27-3ubuntu1.6+esm6?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.27-3ubuntu1.6+esm6
Affected versions
2.*
2.26-0ubuntu2
2.26-0ubuntu2.1
2.27-0ubuntu2
2.27-0ubuntu3
2.27-3ubuntu1
2.27-3ubuntu1.2
2.27-3ubuntu1.3
2.27-3ubuntu1.4
2.27-3ubuntu1.5
2.27-3ubuntu1.6
2.27-3ubuntu1.6+esm1
2.27-3ubuntu1.6+esm2
2.27-3ubuntu1.6+esm3
2.27-3ubuntu1.6+esm4
2.27-3ubuntu1.6+esm5
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "glibc-source"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc-bin"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-armel"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev-armel"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev-s390"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-lse"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-pic"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-s390"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "locales"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "locales-all"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "multiarch-support"
},
{
"binary_version": "2.27-3ubuntu1.6+esm6",
"binary_name": "nscd"
}
]
}Ubuntu:Pro:20.04:LTS
glibc
Package
- Name
- glibc
- Purl
- pkg:deb/ubuntu/glibc@2.31-0ubuntu9.18+esm1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.31-0ubuntu9.18+esm1
Affected versions
2.*
2.30-0ubuntu2
2.30-0ubuntu3
2.31-0ubuntu5
2.31-0ubuntu6
2.31-0ubuntu7
2.31-0ubuntu9
2.31-0ubuntu9.1
2.31-0ubuntu9.2
2.31-0ubuntu9.3
2.31-0ubuntu9.7
2.31-0ubuntu9.9
2.31-0ubuntu9.12
2.31-0ubuntu9.14
2.31-0ubuntu9.15
2.31-0ubuntu9.16
2.31-0ubuntu9.17
2.31-0ubuntu9.18
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "glibc-source"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc-bin"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc-dev-bin"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-amd64"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-armel"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev-amd64"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev-armel"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev-i386"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev-s390"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-dev-x32"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-i386"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-lse"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-pic"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-prof"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-s390"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "libc6-x32"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "locales"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "locales-all"
},
{
"binary_version": "2.31-0ubuntu9.18+esm1",
"binary_name": "nscd"
}
]
}