Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-2175

Опубликовано: 11 мар. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 4.3

Описание

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

РелизСтатусПримечание
devel

not-affected

0.2.44-1ubuntu1
esm-apps/bionic

released

0.2.35-13ubuntu0.1~esm1
esm-apps/focal

released

0.2.35-17ubuntu0.1~esm1
esm-apps/jammy

released

0.2.35-19ubuntu0.1~esm1
esm-apps/noble

released

0.2.42-2ubuntu0.24.04.1~esm1
esm-apps/xenial

released

0.2.35-10ubuntu0.1~esm1
esm-infra-legacy/trusty

needs-triage

focal

ignored

end of standard support, was needed
jammy

needed

noble

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 19%
0.00059
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-2175

CVSS3: 4.3
nvd
3 месяца назад

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

debian логотип

CVE-2025-2175

CVSS3: 4.3
debian
3 месяца назад

A vulnerability was found in libzvbi up to 0.2.43. It has been rated a ...

github логотип

GHSA-c5fh-wq58-2973

CVSS3: 4.3
github
3 месяца назад

A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.

fstec логотип

BDU:2025-05983

CVSS3: 4.3
fstec
3 месяца назад

Уязвимость библиотеки захвата и декодирования VBI libzvbi, связанная с целочисленным переполнением в функции _vbi_strndup_iconv(), позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

SUSE-SU-2025:0988-1

suse-cvrf
3 месяца назад

Security update for zvbi

EPSS

Процентиль: 19%
0.00059
Низкий

5 Medium

CVSS2

4.3 Medium

CVSS3