How severe is CVE-2025-1152?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2025-1152?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2025-1152

LOW Year: 2025

CVSS v3 Score

3.7

Low

CVSS v2 Score

2.6

Low

Weakness Type

CWE-401

View all →

Vulnerability Description

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

CVE-2025-23165

LOW

CVSS:3.7(Low)

In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is se...

CWE-4012025

CVE-2019-20382

LOW

CVSS:3.5(Low)

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is no...

CWE-4012019

CVE-2019-19073

MEDIUM

CVSS:4.0(Medium)

Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout(...

CWE-4012019

CVE-2022-23091

MEDIUM

CVSS:4.0(Medium)

A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a ...

CWE-4012022

CVE-2019-19057

LOW

CVSS:3.3(Low)

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory con...

CWE-4012019

CVE-2019-3815

LOW

CVSS:3.3(Low)

A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_io...

CWE-4012019

CVE-2025-1152

Vulnerability Description

Related Vulnerabilities

CVE-2025-23165

CVE-2019-20382

CVE-2019-19073

CVE-2022-23091

CVE-2019-19057

CVE-2019-3815