CVE-2025-0577
Publication date 29 January 2025
Last updated 19 February 2026
Ubuntu priority
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| eglibc | ||
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 14.04 LTS trusty |
Not affected
|
|
| glibc | ||
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
Notes
rodrigo-zaiden
needs a better triage, debian have: "Doesn't affect any released version of glibc" but I'm not sure if Noble and Oracular are affected or not.
hlibk
Per the fedora bug report, this seems to be an issue that got caught during the 2.41 development, and is not an issue in upstream releases. Therefore, Ubuntu releases don't seem to be affected.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
4.8 · Medium
|
| Attack vector | Network |
| Attack complexity | High |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity impact | Low |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |