Vulnerability Details CVE-2025-0838
There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-0838
-
cpe:2.3:a:abseil:common_libraries:20180600
-
cpe:2.3:a:abseil:common_libraries:20181200
-
cpe:2.3:a:abseil:common_libraries:20181200.1
-
cpe:2.3:a:abseil:common_libraries:20190808
-
cpe:2.3:a:abseil:common_libraries:20190808.1
-
cpe:2.3:a:abseil:common_libraries:20200225
-
cpe:2.3:a:abseil:common_libraries:20200225.1
-
cpe:2.3:a:abseil:common_libraries:20200225.2
-
cpe:2.3:a:abseil:common_libraries:20200225.3
-
cpe:2.3:a:abseil:common_libraries:20200923
-
cpe:2.3:a:abseil:common_libraries:20200923.1
-
cpe:2.3:a:abseil:common_libraries:20200923.2
-
cpe:2.3:a:abseil:common_libraries:20200923.3
-
cpe:2.3:a:abseil:common_libraries:20210324.0
-
cpe:2.3:a:abseil:common_libraries:20210324.1
-
cpe:2.3:a:abseil:common_libraries:20210324.2
-
cpe:2.3:a:abseil:common_libraries:20211102.0
-
cpe:2.3:a:abseil:common_libraries:20220623.0
-
cpe:2.3:a:abseil:common_libraries:20220623.1
-
cpe:2.3:a:abseil:common_libraries:20220623.2
-
cpe:2.3:a:abseil:common_libraries:20230125.0
-
cpe:2.3:a:abseil:common_libraries:20230125.1
-
cpe:2.3:a:abseil:common_libraries:20230125.2
-
cpe:2.3:a:abseil:common_libraries:20230125.3
-
cpe:2.3:a:abseil:common_libraries:20230125.4
-
cpe:2.3:a:abseil:common_libraries:20230802.0
-
cpe:2.3:a:abseil:common_libraries:20230802.1
-
cpe:2.3:a:abseil:common_libraries:20230802.2
-
cpe:2.3:a:abseil:common_libraries:20230802.3
-
cpe:2.3:a:abseil:common_libraries:20240116.0
-
cpe:2.3:a:abseil:common_libraries:20240116.1
-
cpe:2.3:a:abseil:common_libraries:20240116.2
-
cpe:2.3:a:abseil:common_libraries:20240116.3
-
cpe:2.3:a:abseil:common_libraries:20240722.0
-
cpe:2.3:a:abseil:common_libraries:20240722.1
-
cpe:2.3:o:debian:debian_linux:11.0