CVE-2025-15281

High CVSS: 7.5

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

Vendor

Gnu

Product

Glibc

CWE

CWE-908

Yayın Tarihi

2026-01-20 14:16:07

Güncelleme

2026-02-05 17:43:18

Source Identifier

3ff69d7a-14f2-4f67-a097-88dee7810d18

KEV Date Added

Kategoriler

CWE-908 Glibc HIGH Gnu 2026

Referanslar

https://sourceware.org/bugzilla/show_bug.cgi?id=33814 http://www.openwall.com/lists/oss-security/2026/01/20/3

Benzer Kayıtlar

Medium

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files…

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…

Medium

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

Medium

CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

High

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary wi…