How severe is CVE-2025-32022?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2025-32022?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2025-32022 - MEDIUM Severity | CVSS 4.6

Vulnerability Description

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects everyone using Finit 4.2 or later that do not explicitly disable the plugin at build time. This bug is fixed in Finit 4.12. Those who cannot upgrade or backport the fix to urandom.c are strongly recommended to disable the plugin in the call to the `configure` script.

Related Vulnerabilities

CVE-2023-23082

MEDIUM

CVSS:4.6(Medium)

A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument.

CWE-7872023

CVE-2023-28064

MEDIUM

CVSS:4.6(Medium)

Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.

CWE-7872023

CVE-2023-43122

MEDIUM

CVSS:4.6(Medium)

Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the Bootloader.

CWE-7872023

CVE-2024-57704

MEDIUM

CVSS:4.6(Medium)

Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartT...

CWE-7872024

CVE-2021-3695

MEDIUM

CVSS:4.5(Medium)

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and...

CWE-7872021

CVE-2021-3696

MEDIUM

CVSS:4.5(Medium)

A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may...

CWE-7872021