UBUNTU-CVE-2025-2581

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-2581

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-2581.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-2581

Related

CVE-2025-2581

Published

2025-03-21T05:15:00Z

Modified

2025-04-23T15:14:27Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.

References

Affected packages

Ubuntu:Pro:16.04:LTS / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.14.1-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.13.0-2

0.14.1-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.14.1-2?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.14.1-1build1

0.14.1-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.16.1+dfsg-1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.16.1+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.21.2+dfsg-1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.16.3+dfsg-1

0.21.2+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.24.0-gtk3+dfsg-2?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.23.0-gtk3+dfsg-1.1build3

0.24.0-gtk3+dfsg-1

0.24.0-gtk3+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.23.0-gtk3+dfsg-1.1build3?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.23.0-gtk3+dfsg-1

0.23.0-gtk3+dfsg-1.1build1

0.23.0-gtk3+dfsg-1.1build2

0.23.0-gtk3+dfsg-1.1build3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / xmedcon

Package

Name: xmedcon
Purl: pkg:deb/ubuntu/xmedcon@0.24.0-gtk3+dfsg-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.24.0-gtk3+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}