CVE-2025-29364

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-29364
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-29364.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-29364
Downstream
Published
2025-08-28T16:15:34Z
Modified
2025-08-30T00:03:52.955343Z
Summary
[none]
Details

spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READSYSCALL and WRITESYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks.

References

Affected packages

Debian:11 / spim

Package

Name
spim
Purl
pkg:deb/debian/spim?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8.*

8.0+dfsg-6.1
8.0+dfsg-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / spim

Package

Name
spim
Purl
pkg:deb/debian/spim?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8.*

8.0+dfsg-6.1
8.0+dfsg-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / spim

Package

Name
spim
Purl
pkg:deb/debian/spim?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8.*

8.0+dfsg-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / spim

Package

Name
spim
Purl
pkg:deb/debian/spim?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

8.*

8.0+dfsg-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}