Vulnerability DatabaseCVE-2025-12205

CVE-2025-12205:
Linux Debian vulnerability analysis and mitigation

Overview

A use-after-free vulnerability was identified in Kamailio 5.5, specifically in the srpushyy_state function of the Configuration File Handler (src/core/cfg.lex). The vulnerability was disclosed on October 27, 2025, and has been assigned CVE-2025-12205. The vulnerability's existence is currently disputed, as it requires local access and manipulation of configuration files, which may not represent a realistic attack scenario (VulDB Entry, OSS Security).

Technical details

The vulnerability is classified as a use-after-free (CWE-416) issue in the configuration file parsing mechanism. It received a CVSS v3.1 base score of 7.8 (High) from NVD and 5.3 (Medium) from VulDB, with a CVSS v4.0 score of 4.8 (Medium). The vulnerability requires local access and low privileges to exploit. The attack vector involves manipulating configuration files that handle import/include functionality, potentially leading to reading freed memory during configuration parsing (VulDB Entry).

Impact

If successfully exploited, the vulnerability could affect system confidentiality, integrity, and availability. The primary impact would be a process crash at startup, resulting in a Denial of Service condition. There's also potential for memory corruption that could be leveraged for further exploitation (VulDB Entry).

Mitigation and workarounds

No specific mitigation strategies have been officially documented. The vendor was contacted about the disclosure but has not responded with patches or workarounds. The Kamailio project is currently reviewing the vulnerability claim and is likely to dispute its validity (OSS Security).

Community reactions

The security community has expressed skepticism about the severity and validity of this vulnerability. The Kamailio project team has indicated they were not aware of these CVEs until they were publicly disclosed and have questioned their legitimacy. Security researchers have noted that the attack scenario is unrealistic, as having configuration file access would already grant significant control over the system (OSS Security).

Additional resources

Source: This report was generated using AI

Related Linux Debian vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-61729	HIGH	7.5	Docker	golang-1.19	No	Yes	Dec 02, 2025
CVE-2025-64460	HIGH	7.5	Linux Debian	python-django	No	Yes	Dec 02, 2025
CVE-2025-65187	MEDIUM	6.1	Linux Debian	civicrm	No	No	Dec 02, 2025
CVE-2025-65105	MEDIUM	4.5	Linux Debian	github.com/apptainer/apptainer	No	Yes	Dec 02, 2025
CVE-2025-13372	MEDIUM	4.3	Linux Debian	py3-django	No	Yes	Dec 02, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2025-12205: Linux Debian vulnerability analysis and mitigation