CVE-2025-14841

Name	CVE-2025-14841
Description	A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack requires local access. Upgrading to version 3.7.0 is sufficient to resolve this issue. Patch name: ffb1a4a37d2c876e3feeb31df4930f2aed7fa030. You should upgrade the affected component.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	1123584

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
dcmtk (PTS)	bullseye	3.6.5-1	vulnerable
	bullseye (security)	3.6.5-1+deb11u5	vulnerable
	bookworm	3.6.7-9~deb12u3	vulnerable
	trixie	3.6.9-5	vulnerable
	forky, sid	3.6.9-6	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
dcmtk	source	(unstable)	(unfixed)			1123584

Notes

[trixie] - dcmtk <no-dsa> (Minor issue)
[bookworm] - dcmtk <no-dsa> (Minor issue)
https://support.dcmtk.org/redmine/issues/1183
Fixed by: https://github.com/DCMTK/dcmtk/commit/ffb1a4a37d2c876e3feeb31df4930f2aed7fa030 (DCMTK-3.7.0)