2346987 – (CVE-2025-0838) CVE-2025-0838 abseil-cpp: Heap Buffer overflow in Abseil

Bug 2346987 (CVE-2025-0838) - CVE-2025-0838 abseil-cpp: Heap Buffer overflow in Abseil

Summary: CVE-2025-0838 abseil-cpp: Heap Buffer overflow in Abseil

Keywords:
Status:	NEW
Alias:	CVE-2025-0838
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2347312 2347313 2347314 2347315
Blocks:
TreeView+	depends on / blocked

Reported:	2025-02-21 15:01 UTC by OSIDB Bzimport
Modified:	2025-02-24 14:28 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-02-21 15:01:09 UTC

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Note You need to log in before you can comment on or make changes to this bug.