CVE-2025-52582Improper Restriction of Operations within the Bounds of a Memory Buffer in Dicom

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-125Out-of-bounds Read9 documents8 sources
Severity
7.5HIGHNVD
CNA7.4
EPSS
0.1%
top 82.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Grassroot DicomMalaterre Grassroots Dicom
Timeline
PublishedDec 16
Latest updateDec 17

Description

An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

3
GHSA
GHSA-xqwf-q6p3-jgrr: An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 32025-12-17
CVEList
CVE-2025-52582: An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 32025-12-16
OSV
CVE-2025-52582: An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 32025-12-16

📋Vendor Advisories

2
Debian
CVE-2025-52582: gdcm - An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelD...2025
Microsoft
netfs: Only call folio_start_fscache() one time for each folio2024-03-12

🕵️Threat Intelligence

3
Talos
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities2025-12-17
Talos
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities2025-12-17
Wiz
CVE-2025-52582 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-52582 — Grassroot Dicom vulnerability | cvebase