CVE-2025-7208

LOW EPSS 42.0%
Published Jul 9, 202511mo ago · Modified Jun 17, 20261w ago
2.0 CVSS 4.0
Low
Find Similar
Published Jul 9, 2025 11mo ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is b3e06559475b0130a7a2fb56ac4d131d13d2012f. It is recommended to apply a patch to fix this issue.

CVSS Details

Base Score
2.0
Exploitability
Impact
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Adjacent
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
42.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 2

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
CWE-122

Affected Products 1

VendorProductVersionRange
9fansplan9port* ≤2025-03-29

References 8

  • drive.google.com https://drive.google.com/drive/folders/1kedwNLNDiFQB2OAp7S-ZKYoF7nxfIZGO?usp=sharing
    Product
  • git.9front.org https://git.9front.org/plan9front/plan9front/b3e06559475b0130a7a2fb56ac4d131d13d2012f/commit.html
    Patch
  • github.com https://github.com/9fans/plan9port/issues/710#issuecomment-2819906648
    Patch
  • github.com https://github.com/user-attachments/files/19698345/plan9port_crash_1.txt
    Exploit
  • vuldb.com https://vuldb.com/?ctiid.259053
    Permissions RequiredVDB Entry
  • vuldb.com https://vuldb.com/?id.259053
    Third Party AdvisoryVDB Entry
  • vuldb.com https://vuldb.com/?submit.304567
    Third Party AdvisoryVDB Entry
  • vuldb.com https://vuldb.com/?submit.607684
    Third Party AdvisoryVDB Entry

Remediation

  • git.9front.org https://git.9front.org/plan9front/plan9front/b3e06559475b0130a7a2fb56ac4d131d13d2012f/commit.html
    Patch
  • github.com https://github.com/9fans/plan9port/issues/710#issuecomment-2819906648
    Patch