Skip to main content

Suse CVE-2025-65104

| EUVDEUVD-2025-209528 HIGH
Information Exposure (CWE-200)
2026-04-17 GitHub_M
7.9
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.9 HIGH
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
Low

Lifecycle Timeline

7
Patch released
Apr 24, 2026 - 20:27 nvd
Patch available
Patch available
Apr 17, 2026 - 19:16 EUVD
Re-analysis Queued
Apr 17, 2026 - 19:07 vuln.today
cvss_changed
Analysis Generated
Apr 17, 2026 - 18:44 vuln.today
EUVD ID Assigned
Apr 17, 2026 - 18:15 euvd
EUVD-2025-209528
Analysis Generated
Apr 17, 2026 - 18:15 vuln.today
CVE Published
Apr 17, 2026 - 17:47 nvd
HIGH 7.9

DescriptionGitHub Advisory

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or higher.

AnalysisAI

Information disclosure in Firebird 3.x client library when connecting to Firebird 4+ servers allows local authenticated users to leak sensitive data through incorrect XSQLDA field length values. The vulnerability requires both the FB3 client library and an FB4+ server in the deployment. No active exploitation confirmed (not in CISA KEV), but CVSS 7.9 with scope change (S:C) indicates potential cross-boundary impact. Remediation requires upgrading the client library to Firebird 4.0.0 or higher.

Technical ContextAI

Firebird is an open-source SQL relational database management system supporting ANSI SQL standards. XSQLDA (Extended SQL Descriptor Area) is a data structure used in Firebird's client-server protocol to describe the format and metadata of query parameters and result sets. The vulnerability stems from CWE-200 (Exposure of Sensitive Information) where the FB3 client library incorrectly populates data length fields in XSQLDA structures during inter-version communication with FB4+ servers. This protocol-level incompatibility causes the client to misinterpret buffer boundaries, potentially exposing memory contents beyond intended data boundaries. The affected component is specifically the FB3 client library (cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*), not the server itself, making this a client-side library vulnerability dependent on server version interaction.

RemediationAI

Upgrade all Firebird client libraries to version 4.0.0 or higher, available at https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.0. This is a client-side fix requiring application redeployment or library updates on systems running database client applications, not server patching. For environments unable to immediately upgrade client libraries, enforce network segmentation to limit local access to systems running Firebird clients, and audit all users with local system access (PR:L requirement). Alternatively, downgrade Firebird servers to 3.x versions to match client library versions, though this sacrifices FB4+ features and may introduce other security regressions. Monitor database connection logs for unexpected data access patterns that could indicate information leak exploitation. No server-side configuration workaround exists - this requires binary client library replacement.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.3 Fixed

Share

CVE-2025-65104 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy