CVE-2025-4802

EUVD-2025-15553
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
gnuglibc
2.27 ≤
𝑥
≤ 2.38
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bookworm
2.36-9+deb12u13
fixed
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
2.31-13+deb11u13
fixed
forky
2.42-13
fixed
sid
2.42-13
fixed
trixie
2.41-12+deb13u1
fixed
Common Weakness Enumeration
References
https://sourceware.org/bugzilla/show_bug.cgi?id=32976
https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e
http://www.openwall.com/lists/oss-security/2025/05/16/7
http://www.openwall.com/lists/oss-security/2025/05/17/2
https://lists.debian.org/debian-lts-announce/2025/05/msg00033.html