Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-9301

Опубликовано: 21 авг. 2025
Источник: redhat
CVSS3: 3.3

Описание

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.

A reachable assertion flaw has been discovered in the Cmake build system. A local attacker who can construct crafted input could reach this assertion and cause a program crash.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10cmakeFix deferred
Red Hat Enterprise Linux 6cmakeOut of support scope
Red Hat Enterprise Linux 7cmakeOut of support scope
Red Hat Enterprise Linux 8cmakeFix deferred
Red Hat Enterprise Linux 9cmakeFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=2390085cmake: cmake reachable assertion

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-9301

CVSS3: 3.3
ubuntu
28 дней назад

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.

nvd логотип

CVE-2025-9301

CVSS3: 3.3
nvd
27 дней назад

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.

debian логотип

CVE-2025-9301

CVSS3: 3.3
debian
27 дней назад

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This af ...

github логотип

GHSA-mff3-m38v-mgv6

CVSS3: 3.3
github
27 дней назад

A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.

3.3 Low

CVSS3