ELA-1451-1 glibc security update

buffer overflow in assert()

2025-06-08
Package: glibc
Version: 2.19-18+deb8u15 (jessie), 2.24-11+deb9u8 (stretch)
Related CVEs: CVE-2025-0395


A flaw was found in the implementation of assert() in the GNU C Library, the C standard library implementation used by Debian. When the function fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
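
The sizing error described above, shown as an added example that is not glibc's source and not part of this advisory. It is a simplified C model that assumes a 4096-byte page and a 4-byte length field stored in front of the message (all names are hypothetical), and it compares an allocation that omits the length field with one that includes it.

```c
#include <stddef.h>
#include <stdio.h>

/* Modelled layout: a length field (the "size information") followed by the
   message text. The field width is an assumption of this example. */
struct msg_hdr { unsigned int size; char msg[]; };
#define HDR_LEN offsetof(struct msg_hdr, msg)

static size_t round_up(size_t n, size_t page) {
    return (n + page - 1) & ~(page - 1);   /* page must be a power of two */
}

/* Flawed sizing: reserves the text and its NUL, forgets the header. */
size_t alloc_unpatched(size_t text_len, size_t page) {
    return round_up(text_len + 1, page);
}

/* Corrected sizing: header + text + NUL, then rounded to whole pages. */
size_t alloc_patched(size_t text_len, size_t page) {
    return round_up(HDR_LEN + text_len + 1, page);
}

/* Bytes that would land past the end of an allocation of `alloc` bytes. */
size_t overrun(size_t alloc, size_t text_len) {
    size_t need = HDR_LEN + text_len + 1;
    return need > alloc ? need - alloc : 0;
}

/* Number of message lengths in [0, page) that the flawed sizing under-allocates. */
size_t count_affected(size_t page) {
    size_t n = 0;
    for (size_t len = 0; len < page; len++)
        if (overrun(alloc_unpatched(len, page), len) > 0)
            n++;
    return n;
}

int main(void) {
    const size_t page = 4096;              /* constructed sample page size */
    for (size_t len = 4090; len <= 4097; len++)
        printf("len=%zu unpatched: alloc=%zu overrun=%zu | patched: alloc=%zu overrun=%zu\n",
               len, alloc_unpatched(len, page), overrun(alloc_unpatched(len, page), len),
               alloc_patched(len, page), overrun(alloc_patched(len, page), len));
    printf("affected lengths per page window: %zu\n", count_affected(page));
    return 0;
}
```

In this model the shortfall appears only when the message plus its terminator ends within the header's width of a page boundary, and it never exceeds the header's width.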



For Debian 8 jessie, this problem has been fixed in version 2.19-18+deb8u15.

For Debian 9 stretch, this problem has been fixed in version 2.24-11+deb9u8.

We recommend that you upgrade your glibc packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.