216.73.217.64

CVE-2025-15281

· Published 20/01/2026 14:16 · Modified 20/01/2026 18:16

Labels: CVE-2025-15281 2026-01-203ff69d7a-14f2-4f67-a097-88dee7810d18CVE-2025-15281CWE-908

Essential information

Published
20/01/2026 14:16
Modified
20/01/2026 18:16
Author
Creator
CISA KEV
No
CWE

Description

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
3ff69d7a-14f2-4f67-a097-88dee7810d18
NVD
View on NVD

Affected products (CPE)

ProductCPE
gnu / gnu c library cpe:2.3:a:gnu:gnu_c_library:2.0-2.42:*:*:*:*:*:*:*

References