CVE-2025-4001

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 28, 2025

Updated: Apr 29, 2025

CWE ID 129

Summary

CVE-2025-4001 is a newly identified vulnerability affecting the scipopt scip software up to version 9.2.1. This issue lies within the File Descriptor Handler component, specifically in the function main of the file examples/LOP/src/genRandomLOPInstance.c. The manipulation of the argument File results in uncontrolled file descriptor consumption, leading to potential security risks. Local access is necessary for an attacker to exploit this vulnerability. Upgrading to version 9.2.2, which includes the patch with identifier d6da63b941216d75fbc1aefea9abf1de6712a2d0, is recommended to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners