JLSEC-2025-172 A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bid...

🗓️ 20 Oct 2025 22:55:27Reported by GoogleType

osv🔗 osv.dev👁 1 Views

Segmentation fault flaw in Fribidi affects fribidi_remove_bidi_marks and can crash Fribidi, enabling denial of service.

Reporter	Title	Published	Views	Family All 127
ATTACKERKB	CVE-2022-25310	6 Sep 202218:15	–	attackerkb
Tenable Nessus	Amazon Linux 2022 : fribidi, fribidi-devel (ALAS2022-2022-091)	7 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : fribidi, fribidi-devel (ALAS2022-2022-200)	4 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : fribidi, fribidi-devel (ALAS2023-2023-069)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : fribidi (ALAS-2023-2116)	20 Jul 202300:00	–	nessus
Tenable Nessus	AlmaLinux 8 : fribidi (ALSA-2022:7514)	14 Nov 202200:00	–	nessus
Tenable Nessus	AlmaLinux 9 : fribidi (ALSA-2022:8011)	19 Nov 202200:00	–	nessus
Tenable Nessus	CentOS 8 : fribidi (CESA-2022:7514)	9 Nov 202200:00	–	nessus
Tenable Nessus	CentOS 9 : fribidi-1.0.10-6.el9.2	29 Feb 202400:00	–	nessus
Tenable Nessus	Debian DLA-2974-1 : fribidi - LTS security update	15 Apr 202200:00	–	nessus

Source	Link
access	www.access.redhat.com/security/cve/CVE-2022-25310
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/fribidi/fribidi/issues/183
github	www.github.com/fribidi/fribidi/pull/186

06 Nov 2025 23:03Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.15.5

EPSS0.00037