CVE-2025-12771
Published 2025-12-26
High 7.8 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | concert | >= 1.0.0 < 2.2.0 | 2.2.0 |
| ibm | concert | 1.0.0 – 2.1.0 | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_kernel_5.4.91-11_on_cbl_mariner_1.0 | — | — |