CVE-2025-47151

NameCVE-2025-47151
DescriptionA type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-6058-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lasso (PTS)bullseye2.6.1-3vulnerable
bookworm2.8.1-1vulnerable
bookworm (security)2.8.1-1+deb12u1fixed
trixie2.8.2-9vulnerable
trixie (security)2.8.2-9+deb13u1fixed
sid, forky2.9.0-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lassosourcebookworm2.8.1-1+deb12u1DSA-6058-1
lassosourcetrixie2.8.2-9+deb13u1DSA-6058-1
lassosource(unstable)2.9.0-1

Notes

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2193
https://git.entrouvert.org/lasso.git/commit/?id=8d12e6263fd6add923469bd5704e05a1ccfa8c69 (v2.9.0)
Search for package or bug name: Reporting problems