CVE-2025-13654

Summary

A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read.

Affected Software

VendorProductVersion RangeStatus
DucDuc0 < 1.4.6affected

Weaknesses

  • CWE-121

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References