{"id":"AZL-55937","summary":"CVE-2025-0395 affecting package glibc for versions less than 2.35-9","details":"When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.","modified":"2026-04-21T04:36:02.070914Z","published":"2025-01-22T13:15:20Z","upstream":["CVE-2025-0395"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-0395"}],"affected":[{"package":{"name":"glibc","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/glibc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35-9"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-55937.json"}}],"schema_version":"1.7.5"}