CVE-2025-23016
Published: January 13, 2025
Last modified: June 7, 2025
Description
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.3 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | CHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Notes
https://github.com/FastCGI-Archives/fcgi2/commit/b0eabcaf4d4f371514891a52115c746815c2ff15
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | fcgi | Vulnerable (2.4.2-r1) |
| Alpaquita Linux | Stream | fcgi | Fixed (2.4.6-r0) |
References
- http://www.openwall.com/lists/oss-security/2025/04/23/4
- https://github.com/FastCGI-Archives/fcgi2/issues/67
- https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5
- https://lists.debian.org/debian-lts-announce/2025/10/msg00009.html
- https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library