logo_clicknbuy.png

CVE-2025-8746 – “GNU libopts __strstr_sse2 Memory Corruption Vulnerability”

The following table lists the changes that have been made to the
CVE-2025-8746 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Aug. 09, 2025

    Action Type Old Value New Value
    Added Tag unsupported-when-assigned
    Added Description A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this “bug appears to be in libopts which is an external library.” This vulnerability only affects products that are no longer supported by the maintainer.
    Added CVSS V4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
    Added CVSS V2 (AV:L/AC:L/Au:S/C:N/I:N/A:P)
    Added CWE CWE-119
    Added Reference https://drive.google.com/file/d/1yjKOHxvL_9xExy4QUb5x43dxci1x59ts/view?usp=sharing
    Added Reference https://github.com/appneta/tcpreplay/issues/957
    Added Reference https://github.com/appneta/tcpreplay/issues/957#issuecomment-3124774393
    Added Reference https://vuldb.com/?ctiid.319242
    Added Reference https://vuldb.com/?id.319242
    Added Reference https://vuldb.com/?submit.623632
    Added Reference https://www.gnu.org/
Share the Post:

Related Posts