alpine · CVE-2025-9396

Quick triage

Priority: not assigned Published: Updated:

View at Official alpine advisory, NVD, CVE.org · CVE detail

Freshness: no update timestamp found; verify against the upstream OS advisory manually.

Tracker summary

CVE-2025-9396: 1 source package rows (lrzip); 7 state rows across 3 repos (3.22-community, 3.23-community, edge-community); fixed 0, open 7.

Description:

A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function __GI_____strtol_l_internal of the file strtol_l.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be exploited.

cvelogic Threat Intelligence