aboutsummaryrefslogtreecommitdiff
path: root/advisories/GLIBC-SA-2025-0005
diff options
context:
space:
mode:
Diffstat (limited to 'advisories/GLIBC-SA-2025-0005')
-rw-r--r--advisories/GLIBC-SA-2025-000514
1 files changed, 14 insertions, 0 deletions
diff --git a/advisories/GLIBC-SA-2025-0005 b/advisories/GLIBC-SA-2025-0005
new file mode 100644
index 0000000..8bcccc5
--- /dev/null
+++ b/advisories/GLIBC-SA-2025-0005
@@ -0,0 +1,14 @@
+posix: Fix double-free after allocation failure in regcomp
+
+The regcomp function in the GNU C library version from 2.4 to 2.41 is
+subject to a double free if some previous allocation fails. It can be
+accomplished either by a malloc failure or by using an interposed
+malloc that injects random malloc failures. The double free can allow
+buffer manipulation depending of how the regex is constructed.
+This issue affects all architectures and ABIs supported by the GNU C
+library.
+
+CVE-Id: CVE-2025-8058
+Public-Date: 2025-07-22
+Vulnerable-Commit: 963d8d782fc98fb6dc3a66f0068795f9920c269d (2.3.3-1596)
+Fix-Commit: 7ea06e994093fa0bcca0d0ee2c1db271d8d7885d (2.42)
generated by cgit v1.1 at 2025-08-04 04:42:57 +0000