UBUNTU-CVE-2025-29364
- Source
- https://ubuntu.com/security/CVE-2025-29364
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-29364.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-29364
- Upstream
- Published
- 2025-08-28T16:15:00Z
- Modified
- 2025-09-03T17:49:54Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READSYSCALL and WRITESYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks.
- References
-
- https://ubuntu.com/security/CVE-2025-29364
- https://www.cve.org/CVERecord?id=CVE-2025-29364
- https://gist.github.com/Giles-one/a398e3da21ea9567970c6f0de543c3b3
- https://github.com/Giles-one/spimsimulatorEscape?tab=readme-ov-file#bug2-bypass-check-in-read_syscall-and-write_syscall-leading-to-out-of-bounds-readwrite
Affected packages
Ubuntu:Pro:16.04:LTS / spim
Package
- Name
- spim
- Purl
- pkg:deb/ubuntu/spim@8.0+dfsg-6?arch=source&distro=esm-apps/xenial
Ubuntu:Pro:18.04:LTS / spim
Package
- Name
- spim
- Purl
- pkg:deb/ubuntu/spim@8.0+dfsg-6.1?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:20.04:LTS / spim
Package
- Name
- spim
- Purl
- pkg:deb/ubuntu/spim@8.0+dfsg-6.1?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / spim
Package
- Name
- spim
- Purl
- pkg:deb/ubuntu/spim@8.0+dfsg-6.1?arch=source&distro=jammy
Ubuntu:24.04:LTS / spim
Package
- Name
- spim
- Purl
- pkg:deb/ubuntu/spim@8.0+dfsg-7?arch=source&distro=noble