CVE-2025-48431
Published: 28 April 2026
Summary
CVE-2025-48431 is a high-severity Mismatched Memory Management Routines (CWE-762) vulnerability in Apache Thrift. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 43.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates timely remediation of the mismatched memory management flaw in Apache Thrift c_glib bindings by upgrading to version 0.23.0.
Implements controls to minimize the impact of memory exploits like the invalid pointer free triggered by specially crafted Thrift requests.
Validates and sanitizes incoming Thrift requests to block specially crafted inputs that trigger the memory management mismatch.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability description directly describes remote unauthenticated exploitation of a memory management flaw to crash a network-accessible server, matching T1499.004 (Application or System Exploitation) for denial-of-service impact.
NVD Description
Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift server…
more
with a clean but fatal "free(): invalid pointer" error message.
Deeper analysisAI
CVE-2025-48431 is a mismatched memory management routines vulnerability (CWE-762) in the c_glib language bindings of Apache Thrift. It affects versions of Apache Thrift prior to 0.23.0, where specially crafted requests can trigger a crash in a c_glib-based Thrift server, resulting in a clean but fatal "free(): invalid pointer" error message. The vulnerability has a CVSS v3.1 base score of 7.5, reflecting its network accessibility, low attack complexity, lack of required privileges or user interaction, unchanged scope, and high impact on availability with no impact on confidentiality or integrity.
Any unauthenticated remote attacker with network access to a vulnerable c_glib-based Thrift server can exploit this issue by sending specially crafted requests, causing a denial-of-service condition through server crashes. Exploitation requires no privileges or user interaction, making it straightforward for attackers to repeatedly trigger the crash and disrupt service availability.
Apache advisories recommend upgrading to Apache Thrift version 0.23.0, which resolves the issue. Additional details are available in the Apache mailing list announcement at https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql and the oss-security mailing list post at http://www.openwall.com/lists/oss-security/2026/04/28/8.
Details
- CWE(s)