CVE-2025-0838

Publication date 21 February 2025

Last updated 14 May 2025


Ubuntu priority

There exists a heap buffer overflow vulnerability in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}_hash_{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1.
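The following is a simplified model of the size computation described above, added here as an illustration and not taken from Abseil's source. The layout (one control byte per slot plus fixed padding), `kCtrlPadding`, and all function names are assumptions; it shows how the unchecked arithmetic wraps and how an upper bound on the capacity prevents it.

```cpp
#include <cstddef>
#include <cstdio>
#include <limits>

// Simplified model, NOT Abseil's real layout: the backing store holds one
// control byte per slot, fixed padding, and the slots themselves.
constexpr std::size_t kCtrlPadding = 16;  // assumed value
constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max();

// Unchecked: size_t arithmetic wraps modulo 2^N, so a huge capacity can
// yield a tiny allocation size while the table still believes it owns
// `capacity` slots. Writes to those slots then land out of bounds.
std::size_t AllocSizeUnchecked(std::size_t capacity, std::size_t slot_size) {
  return capacity + kCtrlPadding + capacity * slot_size;
}

// Largest capacity for which capacity * (slot_size + 1) + padding fits.
// slot_size models sizeof(T), so slot_size + 1 itself cannot wrap.
std::size_t MaxCapacity(std::size_t slot_size) {
  return (kMax - kCtrlPadding) / (slot_size + 1);
}

// Checked: impose the upper bound before doing any size arithmetic.
bool AllocSizeChecked(std::size_t capacity, std::size_t slot_size,
                      std::size_t* out) {
  if (capacity > MaxCapacity(slot_size)) return false;  // caller must fail
  *out = capacity + kCtrlPadding + capacity * slot_size;
  return true;
}

int main() {
  const std::size_t slot_size = 7;        // constructed sample element size
  const std::size_t huge = kMax / 8 + 1;  // constructed oversized request
  std::size_t checked = 0;
  std::printf("unchecked bytes: %zu\n", AllocSizeUnchecked(huge, slot_size));
  std::printf("checked accepts huge: %d\n",
              AllocSizeChecked(huge, slot_size, &checked));
  std::printf("checked accepts 1000: %d\n",
              AllocSizeChecked(1000, slot_size, &checked));
  return 0;
}
```

In this model the oversized request produces a 16-byte allocation size in the unchecked path, while the checked path rejects it before any arithmetic is done.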


Status

| Package | Ubuntu Release | Status |
|---------|----------------|--------|
| abseil | 25.04 plucky | Fixed 20230802.1-4.2ubuntu0.2 |
| abseil | 24.10 oracular | Fixed 20230802.1-4ubuntu1.2 |
| abseil | 24.04 LTS noble | Fixed 20220623.1-3.1ubuntu3.2 |
| abseil | 22.04 LTS jammy | Fixed 0~20210324.2-2ubuntu0.2 |
| abseil | 20.04 LTS focal | Not in release |

Notes


mdeslaur

There was an additional commit to improve the fix for this issue: https://github.com/abseil/abseil-cpp/commit/fbc0df206fbb5512d0e85b995e1f652d5c905640 but then the fix was reverted: https://github.com/abseil/abseil-cpp/commit/b22423ecb64105ef72797f2fbb251993312ad7bf

Patch details

For informational purposes only. We recommend not to cherry-pick updates.

Package Patch details
abseil