CVE-2025-0838Integer Overflow or Wraparound in Abseil-cpp

CWE-190Integer Overflow or Wraparound6 documents6 sources
Severity
5.9MEDIUMNVD
EPSS
0.1%
top 66.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Abseil Abseil-cppAbseil Common LibrariesDebian Abseil+1 more
Timeline
PublishedFeb 21
Latest updateMay 12

Description

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recomm

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Affected Packages3 packages

debiandebian/abseil< abseil 20220623.1-1+deb12u1 (bookworm)
CVEListV5abseil/abseil-cpp< 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
NVDabseil/common_libraries< 20250127.0

Also affects: Debian Linux 11.0

Patches

Patch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-m9gf-vf48-rg58: There exists a heap buffer overflow vulnerable in Abseil-cpp2025-02-21
OSV
CVE-2025-0838: There exists a heap buffer overflow vulnerable in Abseil-cpp2025-02-21

📋Vendor Advisories

3
Ubuntu
Abseil vulnerability2025-05-12
Red Hat
abseil-cpp: Heap Buffer overflow in Abseil2025-02-21
Debian
CVE-2025-0838: abseil - There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized construc...2025
CVE-2025-0838 — Integer Overflow or Wraparound | cvebase