CVE-2025-32022

Name: CVE-2025-32022
Creator: NVD / NIST
Published: 2025-05-06T17:16:12.097+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.6/10EPSS 0.12%

Last modified Jun 17, 2026

CVE-2025-32022 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. EPSS estimates a 0.12% chance of exploitation in the next 30 days.

Description

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects everyone using Finit 4.2 or later that do not explicitly disable the plugin at build time. This bug is fixed in Finit 4.12. Those who cannot upgrade or backport the fix to urandom.c are strongly recommended to disable the plugin in the call to the `configure` script.

Metrics

CVSS 3.1

4.6/10

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L

EPSS Probability

0.12%

2.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

References

Timeline

Published: May 6, 2025
Last Modified: Jun 17, 2026
Status: Deferred

Frequently Asked Questions

What is CVE-2025-32022?

How severe is CVE-2025-32022?

CVE-2025-32022 has a CVSS score of 4.6/10 (MEDIUM severity). The EPSS model estimates a 0.12% probability of exploitation in the next 30 days.

How do I fix CVE-2025-32022?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-32022?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST