CVE-2025-2581
Published: 21 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-2581 is an integer underflow vulnerability (CWE-189, CWE-191) affecting the malloc function in the DICOM File Handler component of xmedcon version 0.25.0. Published on 2025-03-21, it carries a CVSS v3.1 base score of 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L), indicating medium severity with potential for limited disruption.
An unauthenticated attacker can exploit this remotely by supplying a malicious DICOM file that triggers the underflow during processing. Exploitation requires user interaction, such as opening the file in xmedcon, and results in a denial-of-service condition through application crash, with no impact on confidentiality or integrity.
Advisories recommend upgrading to xmedcon version 0.25.1 to remediate the issue. Details are documented in VulDB entries (ctiid.300541, id.300541, submit.522216), the xmedcon project release notes, and a Debian LTS announcement.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The integer underflow vulnerability (CWE-191) in xmedcon's DICOM file handler causes memory corruption (SIGBUS), enabling remote exploitation of client-side software for code execution (T1203) or denial-of-service via crash (T1499.004) when a user processes a malformed DICOM file.