Bug 2430670 (CVE-2025-15536)

Summary: CVE-2025-15536 opencc: OpenCC: Heap-based buffer overflow in MaxMatchSegmentation function allows local attackers to impact system integrity.
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
Keywords: Security
Hardware: All   
OS: Linux   
Doc Text:
A flaw was found in BYVoid OpenCC. This vulnerability involves a heap-based buffer overflow, a type of memory corruption, within the MaxMatchSegmentation function. A local attacker can exploit this by providing specially crafted input, which may lead to information disclosure, denial of service, or potentially arbitrary code execution. An exploit for this issue is publicly available.
Bug Depends On: 2430837, 2430838, 2430839    

Description OSIDB Bzimport 2026-01-18 10:01:15 UTC
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes a heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch.