CVE-2025-0633

Publication date 19 February 2025

Last updated 24 February 2025

Ubuntu priority

Medium

Why this priority?

Description

Heap-based Buffer Overflow vulnerability inĀ iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory

Status

Package Ubuntu Release Status
iniparser 26.04 LTS resolute
Not affected
25.10 questing
Not affected
25.04 plucky
Not affected
24.10 oracular
Fixed 4.2.1-1ubuntu0.1
24.04 LTS noble
Fixed 4.1-7ubuntu0.1
22.04 LTS jammy
Fixed 4.1-4ubuntu4.2
20.04 LTS focal Ignored end of standard support, was needs-triage
18.04 LTS bionic
Needs evaluation

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
iniparser

References

Related Ubuntu Security Notices (USN)

    • USN-7286-1
    • iniParser vulnerability
    • 24 February 2025

Other references

Access our resources on patching vulnerabilities