Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Debian 11: libfcgi Critical Integer Overflow Buffer Overflow DLA-4329-1

debian lts
Calendar Grey October 13, 2025
Scroller Debian Lts
Critical libfcgi update addresses integer overflow and buffer overflow risks. Upgrade recommended for Debian 11 users.
An issue has been found in libfcgi, a FastCGI bridge from CGI

Summary

An issue has been found in libfcgi, a FastCGI bridge from CGI. The issue
is related to an integer overflow (and resultant heap-based buffer
overflow) via crafted nameLen or valueLen values in data to the IPC
socket.


For Debian 11 bullseye, this problem has been fixed in version
2.4.2-2+deb11u1.

We recommend that you upgrade your libfcgi packages.

For the detailed security status of libfcgi please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libfcgi

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: libfcgi
Version: 2.4.2-2+deb11u1
CVE ID: CVE-2025-23016

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.