CVE-2025-0838

Severity CVSS v4.0:

MEDIUM

Type:

CWE-190 Integer Overflow or Wraparound

Publication date:

21/02/2025

Last modified:

30/07/2025

Description

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container&#39;s backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Impact

Vector 4.0

CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L CVSS v4.0 Severity and Metrics:

Base Score: 5.90 MEDIUM
Vector: CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Attack Vector (AV): Adjacent
Attack Complexity (AC): High
Attack Requirements (AT): Present
Privileges Required (PR): Low
User Interaction (UI): Active
Confidentiality (VC): Low
Integrity (VI): High
Availability (VA): Low
Confidentiality (SC): Low
Integrity (SI): High
Availability (SA): Low

Base Score 4.0

5.90

Severity 4.0

MEDIUM

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 9.80 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High