CVE-2025-52582
Published: 2025-12-16
Priority: P3 (44) · Severity: high · CVSS 3.1 base score: 7.5
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.28% (19.9th percentile)
An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdcm | — | — |
| grassroot_dicom | grassroot_dicom | — | — |
| malaterre | grassroots_dicom | — | — |
| msrc | cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.200.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.202.1-1_on_cbl_mariner_2.0 | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.4 | HIGH | — |
| vendor_msrc | — | 5.5 | MEDIUM | — |
Debian
CVE-2025-52582 [HIGH]: gdcm - An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
vendor_debian · 2025 · CVSS 7.4
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
Microsoft
CVE-2023-52582 [MEDIUM]: netfs: Only call folio_start_fscache() one time for each folio
vendor_msrc · 2024-03-12 · CVSS 5.5
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Tags: Mariner, Linux
Customer Action Required: Yes
GHSA
GHSA-xqwf-q6p3-jgrr (CVE-2025-52582) [HIGH] CWE-119: An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
ghsa_unreviewed · 2025-12-17
OSV
CVE-2025-52582 [HIGH]: An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
osv · 2025-12-16 · CVSS 7.5
No detection rules found.
No public exploits indexed.
Talos
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities [HIGH]
blogs_talos · 2025-12-17 · CVSS 7.4
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy, except for Grassroot, as the DiCoM vulnerabilities are zero-days.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
## Libbiosig vulnerability
Discovered by Mark Bereza of Cisco Talos.
BioSig is an open source software library for biomedical signal processing. The BioSig Project seeks to encourage resear
Wiz
CVE-2025-52582 [HIGH]: CVE-2025-52582 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.4
## CVE-2025-52582: Linux Debian vulnerability analysis and mitigation
Source: NVD
Score: 7.5
Published: December 16, 2025
Severity: HIGH
CNA Score: 7.4
Affected Technologies: Linux Debian
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 14.4
Exploitation Probability (EPSS): N/A
Affected packages and libraries: gdcm
Sources: NVD
| Distribution | Severity | Fix | Added at |
|---|---|---|---|
| Debian 11, 12, 13 | MEDIUM | No Fix | Dec 18, 2025 |
| Debian 14 | HIGH | No Fix | — |
Published: 2025-12-16