glibc 2.34-125.1.el9_5.security.0.11

solardiz · solardiz · commit c29a04b3db64 · 2025-01-29T04:17:27.000+01:00
diff --git a/docs/issues/CVE-2025-0395.md b/docs/issues/CVE-2025-0395.md
@@ -0,0 +1,21 @@
+# CVE-2025-0395: glibc
+
+## Title
+
+CVE-2025-0395: glibc: Buffer overflow in assert()
+
+## Summary
+
+As [discovered by Qualys](https://www.openwall.com/lists/oss-security/2025/01/22/4) and summarized by glibc upstream:
+
+When the `assert()` function fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
+
+Public disclosure date: January 22, 2025
+
+## EL9
+
+- Fixed in version: `2.34-125.1.el9_5.security.0.11` available January 27, 2025
+
+## EL8
+
+- Affected
diff --git a/docs/news.md b/docs/news.md
@@ -2,6 +2,10 @@
 
 These are what we consider significant SIG/Security news items, not an exhaustive list of package updates and wiki edits.
 
+## January 28, 2025
+
+[glibc](packages/glibc.md) `2.34-125.1.el9_5.security.0.11` includes a fix for the `assert()` buffer overflow [CVE-2025-0395](issues/CVE-2025-0395.md) discovered by Qualys.
+
 ## November 23, 2024
 
 [glibc](packages/glibc.md) and [openssh](packages/openssh.md) rebased on EL 9.5's,
diff --git a/docs/packages/glibc.md b/docs/packages/glibc.md
@@ -2,7 +2,7 @@
 
 ## EL9
 
-- Version `2.34-125.1.el9_5.security.0.10`
+- Version `2.34-125.1.el9_5.security.0.11`
 - Based on `2.34-125.el9_5.1`
 
 ### Changes summary
@@ -17,6 +17,8 @@
 
 #### Known-effective vulnerability mitigations and fixes
 
+`2.34-125.1.el9_5.security.0.11` and above includes a fix for the `assert()` buffer overflow CVE-2025-0395 discovered by Qualys.
+
 `2.34-83.12.el9_3.security.0.6` and above includes nscd CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 fixes from upstream glibc 2.34 branch, which upstream EL also included starting with `2.34-100.el9_4.2`.
 
 `2.34-83.12.el9_3.security.0.5` and above includes `iconv(3)` ISO-2022-CN-EXT [CVE-2024-2961](../issues/CVE-2024-2961.md) fix from upstream glibc 2.34 branch, which upstream EL also included starting with `2.34-100.el9_4.2`.
@@ -28,6 +30,10 @@ In general, inclusion of additional security fixes will be "reverted" if and whe
 ### Change log
 
 ```
+* Mon Jan 27 2025 Solar Designer <solar@openwall.com> - 2.34-125.1.el9.security.0.11
+- Fix assert() buffer overflow CVE-2025-0395 discovered by Qualys:
+  https://www.openwall.com/lists/oss-security/2025/01/22/4
+
 * Thu Nov 21 2024 Solar Designer <solar@openwall.com> - 2.34-125.1.el9.security.0.10
 - Rebase on 2.34-125.1
 
