CVE-2025-0838
Published: 21 February 2025
Summary
CVE-2025-0838 is a critical-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Abseil Common Libraries. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It ranks at the 32.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-2 mandates timely identification, reporting, and remediation of software flaws, which here means upgrading vulnerable Abseil-cpp builds past the fixing commit to eliminate the integer overflow and the resulting heap buffer overflow.
SI-16 enforces memory protections such as non-executable memory regions and address space layout randomization, which prevent a heap buffer overflow from being turned into unauthorized code execution or memory corruption.
SI-10 requires validation of information inputs, such as the size arguments passed to Abseil-cpp hash container methods, so that excessively large values are rejected before they can trigger the integer overflow.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A remotely triggerable, unauthenticated heap buffer overflow that enables arbitrary code execution over the network in applications using the vulnerable library maps directly to the exploitation of public-facing applications.
NVD Description
There exists a heap buffer overflow vulnerability in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}_hash_{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
Deeper analysis
CVE-2025-0838 is a heap buffer overflow vulnerability in the Abseil-cpp library (CWE-190: Integer Overflow or Wraparound). It affects the sized constructors, reserve(), and rehash() methods of absl::flat_hash_set, absl::flat_hash_map, absl::node_hash_set, and absl::node_hash_map. These methods failed to impose an upper bound on the size argument, enabling a caller to supply an excessively large value. This triggers an integer overflow when calculating the container's backing store size, leading to an out-of-bounds memory write, with subsequent container accesses potentially causing additional out-of-bounds reads or writes.
A remote, unauthenticated attacker can exploit this vulnerability over the network with low attack complexity and no user interaction required (CVSS v3.1: 9.8/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By passing a crafted large size argument to the vulnerable methods, the attacker induces the overflow and out-of-bounds write, which could result in arbitrary code execution, data corruption, or denial of service through memory corruption in applications relying on these Abseil-cpp hash container implementations.
Mitigation involves upgrading Abseil-cpp past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1, as detailed in the project's GitHub commit. Debian LTS has also announced updates addressing this issue in affected packages.
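As an added illustration (not Abseil's code and not taken from this advisory), the following hypothetical model shows the defect class behind this CVE beside the hardened form: an unchecked backing-store size computation that wraps for a huge size argument, next to one that imposes the upper bound the vulnerable methods lacked and uses an overflow-checked multiply, which is the input validation SI-10 calls for. The function names, the power-of-two rounding rule, and the cap value are assumptions.

```cpp
#include <cstddef>
#include <limits>

// Hypothetical model (not Abseil's real code) of how a hash container turns a
// requested element count into the byte size of its backing store: round the
// count up to a power of two, then multiply by the per-slot size.

// Assumed policy cap on the element count a caller may request (constructed).
constexpr std::size_t kMaxRequestedSlots = std::size_t{1} << 40;

// Unchecked multiply: the class of defect behind CVE-2025-0838 (CWE-190).
// For a sufficiently large request the product wraps, so the caller would
// allocate a far smaller buffer than the container later writes into.
std::size_t unchecked_backing_bytes(std::size_t requested, std::size_t slot_bytes) {
    return requested * slot_bytes;  // wraps modulo 2^(bits in size_t)
}

// Rounds n up to a power of two; returns false if that is not representable.
bool next_pow2(std::size_t n, std::size_t* out) {
    std::size_t cap = 1;
    while (cap < n) {
        if (cap > std::numeric_limits<std::size_t>::max() / 2) return false;
        cap <<= 1;
    }
    *out = cap;
    return true;
}

// Hardened version: rejects requests above the cap (the upper bound the
// vulnerable methods lacked) and uses an overflow-checked multiply, so an
// oversized size argument is refused instead of producing a wrapped value.
bool checked_backing_bytes(std::size_t requested, std::size_t slot_bytes, std::size_t* out) {
    if (requested > kMaxRequestedSlots) return false;  // input validation (SI-10)
    std::size_t cap = 0;
    if (!next_pow2(requested, &cap)) return false;
    std::size_t bytes = 0;
    if (__builtin_mul_overflow(cap, slot_bytes, &bytes)) return false;  // GCC/Clang builtin
    *out = bytes;
    return true;
}
```

With SIZE_MAX/8 + 1 slots of 16 bytes the unchecked product wraps to exactly 0, while the checked version refuses the request.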
Details
- CWE(s)