CVE-2025-0662

CVSS v3 Score
4.9
Medium

Vulnerability Description

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace. It is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace.
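The copy pattern described above, as an added userspace model (not code from the affected kernel or from this advisory). The `model_sockaddr` layout, the `STALE` marker byte and all function names are hypothetical. The 16-byte structure, a 2-byte header plus 14 data bytes, is an assumption chosen to match the 14-byte figure in the description.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a variable-sized socket address (16 bytes total). */
struct model_sockaddr {
    uint8_t sa_len;      /* number of valid bytes, header included */
    uint8_t sa_family;
    uint8_t sa_data[14];
};
#define STALE 0xAA       /* stands in for leftover heap contents */

/* Flawed pattern: only `valid` bytes are written, but the full size is emitted. */
size_t log_full_size(const uint8_t *src, size_t valid, uint8_t *out) {
    struct model_sockaddr rec;
    size_t n = valid < sizeof(rec) ? valid : sizeof(rec);
    memset(&rec, STALE, sizeof(rec));   /* simulate a non-zeroed allocation */
    memcpy(&rec, src, n);
    memcpy(out, &rec, sizeof(rec));     /* copies the uninitialized tail too */
    return sizeof(rec);
}

/* Hardened pattern: zero the record and emit only the valid length. */
size_t log_clamped(const uint8_t *src, size_t valid, uint8_t *out) {
    struct model_sockaddr rec;
    size_t n = valid < sizeof(rec) ? valid : sizeof(rec);
    memset(&rec, 0, sizeof(rec));       /* nothing stale even if the copy-out size changes later */
    memcpy(&rec, src, n);
    memcpy(out, &rec, n);
    return n;
}

/* Counts STALE bytes that reach the consumer for a constructed 2-byte address. */
size_t stale_bytes_seen(int hardened) {
    const uint8_t src[2] = {2, 1};      /* constructed: sa_len=2, family=1, no data */
    uint8_t out[sizeof(struct model_sockaddr)] = {0};
    size_t n = hardened ? log_clamped(src, 2, out) : log_full_size(src, 2, out);
    size_t stale = 0;
    for (size_t i = 0; i < n; i++)
        stale += (out[i] == STALE);
    return stale;
}

int main(void) {
    printf("full-size copy: %zu stale bytes\n", stale_bytes_seen(0));
    printf("clamped copy:   %zu stale bytes\n", stale_bytes_seen(1));
    return 0;
}
```

The same check works as a regression test for any logging path that serializes a length-prefixed structure: fill the backing buffer with a marker byte and assert that no marker reaches the output.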

CVSS:4.9(Medium)

Microsoft Failover Cluster Information Disclosure Vulnerability

CVSS:4.9(Medium)

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in ...

CVSS:4.8(Medium)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read...

CVSS:4.8(Medium)

DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the...

CVSS:5.1(Medium)

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.

CVSS:5.1(Medium)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.