CVE-2025-0838

Source
https://cve.org/CVERecord?id=CVE-2025-0838
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-0838.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-0838
Downstream
Related
Published
2025-02-21T14:20:52.767Z
Modified
2026-07-08T21:44:28.743766Z
Severity
  • 5.9 (Medium) CVSS_V4 - CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L CVSS Calculator
Summary
Heap Buffer overflow in Abseil
Details

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "5a0e2cb5e3958dd90bb8569a2766622cb74d90c1"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/0xxx/CVE-2025-0838.json",
    "cna_assigner": "Google",
    "cwe_ids": [
        "CWE-190"
    ]
}
References

Affected packages

Git / github.com/abseil/abseil-cpp

Affected ranges

Type
GIT
Repo
https://github.com/abseil/abseil-cpp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "20250127.0"
        }
    ],
    "cpe": "cpe:2.3:a:abseil:common_libraries:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

20250127.*
20250127.rc1

Database specific

vanir_signatures
[
    {
        "id": "CVE-2025-0838-0f916922",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "97291139358825537072199480356481516117",
            "length": 242.0
        },
        "source": "https://github.com/abseil/abseil-cpp/commit/9ac7062b1860d895fb5a8cbf58c3e9ef8f674b5f",
        "target": {
            "file": "absl/random/internal/randen_detect.cc",
            "function": "ReadSysctlByName"
        }
    },
    {
        "id": "CVE-2025-0838-70408d69",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "302866912177723989834998072246563076676",
                "108587633537507210242609878158511307392",
                "168585091657632749831189831106559017445"
            ]
        },
        "source": "https://github.com/abseil/abseil-cpp/commit/5a0e2cb5e3958dd90bb8569a2766622cb74d90c1",
        "target": {
            "file": "absl/container/internal/raw_hash_set_test.cc"
        }
    },
    {
        "id": "CVE-2025-0838-73ead8f7",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "196322429488803169946656567063544212150",
                "120063295540870224252334452688430131419",
                "107844395201159193075845461668031090738",
                "214129192229071188727958629632043904028",
                "209412599944108461086069608004052578352",
                "339676684706118172206265814700567649220",
                "250601256813417975392069456638430394339"
            ]
        },
        "source": "https://github.com/abseil/abseil-cpp/commit/5a0e2cb5e3958dd90bb8569a2766622cb74d90c1",
        "target": {
            "file": "absl/container/internal/raw_hash_set.cc"
        }
    },
    {
        "id": "CVE-2025-0838-856d7cd8",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "128803430385030363960233165377333815226",
                "184482724629412295315999015421978273250",
                "249726458520501633949129240983331585499",
                "252024995536440775070325697722422120322"
            ]
        },
        "source": "https://github.com/abseil/abseil-cpp/commit/9ac7062b1860d895fb5a8cbf58c3e9ef8f674b5f",
        "target": {
            "file": "absl/random/internal/randen_detect.cc"
        }
    },
    {
        "id": "CVE-2025-0838-eecf2dcc",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "338669480992124172521663762393859046545",
                "103420730450143868196667306456790233601",
                "55368310963703604166546176273151625527",
                "261183074072603629905480839093114192324",
                "42852039379342248413742780251936658964",
                "324290404210311186240839110500162778118",
                "206857184631474550558186954382213564625",
                "260986666334530949380029701212842446821",
                "4314240451653420688887599635783531637",
                "104509509516305631526955053225617527677",
                "254517409091144281803580005759211295428",
                "247382229631437902036020801246761690982",
                "206094384022907040369081095671023029929",
                "169930438463862701831910351909639499727",
                "132577442977697908417486600047586272994",
                "60093131311153041194507000092676585518",
                "62400307961718354020969675025447459489",
                "136324682708838925239023965547315389812",
                "304723717826515129969740721341041200033",
                "147520603739132135251831733954894849015",
                "204793086442702716354062400985162887484",
                "261061227158621016258738102405648326997",
                "190267957338328497265902168936059347722"
            ]
        },
        "source": "https://github.com/abseil/abseil-cpp/commit/5a0e2cb5e3958dd90bb8569a2766622cb74d90c1",
        "target": {
            "file": "absl/container/internal/raw_hash_set.h"
        }
    }
]
vanir_signatures_modified
"2026-07-08T21:44:28Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-0838.json"