CVE-2025-8058 (MEDIUM): detected in Lambda Docker Images. #336

@the-lambda-watchdog

CVE Details

| CVE ID | Severity | Affected Package | Installed Version | Fixed Version | Date Published | Date of Scan |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2025-8058 | MEDIUM | glibc | 2.26-64.amzn2.0.4 | 2.26-64.amzn2.0.5 | 2025-07-23T20:15:27.747Z | 2025-10-28T10:18:19.598179003Z |

Affected Docker Images

| Image Name | SHA |
| --- | --- |
| public.ecr.aws/lambda/provided:al2 | public.ecr.aws/lambda/provided@sha256:56b3eaf75f3d7a08a60d52fb43835cfc6dba1e7af44b2a006ac80a3475fc0bed |
| public.ecr.aws/lambda/python:3.11 | public.ecr.aws/lambda/python@sha256:23907aa866f77da35fdbfcc10803b565acc2d10714a0b8fb387c66fbc4c04370 |
| public.ecr.aws/lambda/python:3.10 | public.ecr.aws/lambda/python@sha256:ba8319078cf6ffbe85a3387787f7bde6790639ad10c57d5788efd87d1f0cd763 |
| public.ecr.aws/lambda/python:3.9 | public.ecr.aws/lambda/python@sha256:c2583cf06176af58733a3d5127a7a6729c2d26270b8f8773d627b0d289f15b08 |
| public.ecr.aws/lambda/java:17 | public.ecr.aws/lambda/java@sha256:e5174f48fb072d08eeaec43a4b3a87276e876a29230815ac8e11333eaeb520b7 |
| public.ecr.aws/lambda/java:11 | public.ecr.aws/lambda/java@sha256:6790d8c6759826a7f07b67c015f7ef92d0455da040fbb13d6b24e1e2ec8f67e7 |
| public.ecr.aws/lambda/java:8.al2 | public.ecr.aws/lambda/java@sha256:858415b31036156d910b89899b224ac3953b633b6d64977a3eab349a54790592 |
| public.ecr.aws/lambda/ruby:3.2 | public.ecr.aws/lambda/ruby@sha256:0ffb27324fcecd20764ce4e22de623eb3a7666fd206a17d0201224c5131a82e9 |

Description

The regcomp function in the GNU C library versions 2.4 to 2.41 is
subject to a double free if some previous allocation fails. It can be
accomplished either by a malloc failure or by using an interposed malloc
that injects random malloc failures. The double free can allow buffer
manipulation depending on how the regex is constructed. This issue
affects all architectures and ABIs supported by the GNU C library.


Remediation Steps

  • Update the affected package glibc from version 2.26-64.amzn2.0.4 to 2.26-64.amzn2.0.5.

About this issue

  • This issue may not contain all the information about the CVE nor the images it affects.
  • This issue will not be updated with new information and the list of affected images may have changed since the creation of this issue.
  • For more, visit Lambda Watchdog.
  • This issue was created automatically by Lambda Watchdog.
