CVE-2025-4638
📋 TL;DR
A vulnerability in the copy of zlib bundled with PointCloudLibrary (PCL), in inftrees.c (the code that builds the Huffman decoding tables for inflate), lets an attacker who can get crafted compressed data into that decompressor trigger undefined behavior through improper pointer arithmetic. It affects PCL versions older than 1.14.0, and any build configured with WITH_SYSTEM_ZLIB=FALSE, because both compile the bundled zlib instead of linking the system library.
💻 Affected Systems
- PointCloudLibrary (PCL)
📦 What is this software?
Point Cloud Library (PCL) by Pointclouds: an open-source C++ library for 2D/3D image and point-cloud processing (filtering, feature estimation, surface reconstruction, registration, I/O and visualization). It is linked into applications rather than run as a standalone service, so the exposed surface is whatever application embeds it.
⚠️ Risk & Real-World Impact
Worst Case
Memory corruption in the inflate path leveraged for code execution inside the process that embeds PCL, or denial of service or data corruption. Code execution is the theoretical ceiling of undefined behavior from bad pointer arithmetic, not an outcome demonstrated here.
Likely Case
Crashes (segmentation faults) or memory corruption in the application that embeds PCL while it inflates crafted compressed input, i.e. denial of service or instability.
If Mitigated
Limited impact where untrusted compressed data never reaches the bundled decompressor, or where the embedding process runs with ASLR, stack protection and similar memory protections that turn corruption into a plain crash.
🎯 Exploit Status
Exploitation requires getting crafted compressed data into the bundled zlib's inflate path of a PCL-based application; whether that is reachable depends on how the application uses PCL, so the risk is context-dependent.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: PCL 1.14.0 or later
Vendor Advisory (fix commit): https://github.com/PointCloudLibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac
Restart Required: Yes
Instructions:
1. Upgrade PCL to version 1.14.0 or later.
2. Ensure WITH_SYSTEM_ZLIB is not set to FALSE (leave it at its default or set it to TRUE), so the build links the system zlib rather than compiling the bundled copy.
3. Rebuild, then restart any services or applications using PCL.
🔧 Temporary Workarounds
Use System Zlib
Configure PCL to use the system-installed zlib instead of the bundled copy. This needs the zlib development headers from your distribution, and it keeps zlib patched through the distribution's normal updates from then on. From the build directory:
cmake -DWITH_SYSTEM_ZLIB=TRUE ..
make
sudo make install
🧯 If You Can't Patch
- PCL is a library, so restrict exposure of the applications that embed it: do not let untrusted files or streams reach PCL-based services that decompress data through the bundled zlib (for example network-facing services that accept uploaded point-cloud files).
- Run such applications in a sandbox or with reduced privileges, and validate input format and size before parsing.
🔍 How to Verify
Check if Vulnerable:
Check the PCL version and whether the build was configured with WITH_SYSTEM_ZLIB=FALSE (which compiles the bundled zlib even on 1.14.0 or later).
Check Version:
Read the PCL_VERSION_PRETTY macro from the installed pcl/pcl_config.h, or query the distribution package (for example dpkg -s libpcl-dev on Debian/Ubuntu). For a source build, grep WITH_SYSTEM_ZLIB in the build tree's CMakeCache.txt.
Verify Fix Applied:
Verify that the PCL version is >= 1.14.0 and that WITH_SYSTEM_ZLIB is TRUE (or ON), not FALSE/OFF, in the build that produced the installed libraries.
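The following script is an added example for this page; it is not code from the PCL project or the original advisory. It automates the two checks above: it reads the PCL version from the PCL_VERSION_PRETTY macro (assumed to be present in the installed pcl/pcl_config.h) and the cached WITH_SYSTEM_ZLIB value from a build tree's CMakeCache.txt (the CMake option named in this advisory), then reports whether that build compiles the bundled zlib. The header and cache files it runs against are constructed samples written to a temp directory, not files from a real system.

```sh
#!/bin/sh
# Added example for this advisory page (not part of PCL or the original page).
# Classifies a PCL build against CVE-2025-4638 from two inputs:
#   - the PCL_VERSION_PRETTY macro in pcl/pcl_config.h (assumed present), and
#   - the WITH_SYSTEM_ZLIB entry in the build tree's CMakeCache.txt.

# Print the "major.minor.patch" string from a pcl_config.h file (empty if absent).
pcl_version_from_header() {
    sed -n 's/^[[:space:]]*#define PCL_VERSION_PRETTY "\([0-9][0-9.]*\)".*/\1/p' "$1" | head -n 1
}

# Succeed (exit 0) when the version string is 1.14.0 or later.
version_ge_1_14() {
    major=$(printf '%s' "$1" | cut -d. -f1)
    minor=$(printf '%s' "$1" | cut -d. -f2)
    if [ "${major:-0}" -gt 1 ]; then return 0; fi
    if [ "${major:-0}" -eq 1 ] && [ "${minor:-0}" -ge 14 ]; then return 0; fi
    return 1
}

# Print the cached WITH_SYSTEM_ZLIB value from CMakeCache.txt, or "unset" when the
# option does not appear at all (an absent option means the build used the default).
system_zlib_setting() {
    if grep -q '^WITH_SYSTEM_ZLIB:' "$1"; then
        sed -n 's/^WITH_SYSTEM_ZLIB:[A-Z]*=\(.*\)$/\1/p' "$1" | head -n 1
    else
        printf 'unset'
    fi
}

# One-line verdict. A build is vulnerable when PCL is older than 1.14.0, or when
# WITH_SYSTEM_ZLIB was explicitly turned off: both compile the bundled zlib copy
# that carries the inftrees.c defect. Always exits 0 so callers read the text.
assess() {
    ver=$(pcl_version_from_header "$1")
    zlib=$(system_zlib_setting "$2")
    if [ -z "$ver" ]; then
        printf 'unknown: PCL_VERSION_PRETTY not found in %s\n' "$1"
        return 0
    fi
    if ! version_ge_1_14 "$ver"; then
        printf 'vulnerable: PCL %s is older than 1.14.0 (bundled zlib)\n' "$ver"
        return 0
    fi
    # CMake treats several spellings (and the empty string) as false; normalise case.
    case $(printf '%s' "$zlib" | tr '[:lower:]' '[:upper:]') in
        ''|OFF|FALSE|0|NO|N|IGNORE)
            printf 'vulnerable: PCL %s built with WITH_SYSTEM_ZLIB=%s (bundled zlib)\n' "$ver" "$zlib" ;;
        *)
            printf 'not vulnerable: PCL %s with WITH_SYSTEM_ZLIB=%s (system zlib)\n' "$ver" "$zlib" ;;
    esac
}

# Constructed sample inputs (not from any real system) so the script runs offline.
# On a real host, point the functions at the installed header, e.g.
# /usr/include/pcl-1.14/pcl/pcl_config.h, and at the build tree's CMakeCache.txt.
TMP=$(mktemp -d)
trap 'rm -rf "$TMP"' EXIT
printf '#define PCL_VERSION_PRETTY "1.13.1"\n' > "$TMP/old_pcl_config.h"
printf '#define PCL_VERSION_PRETTY "1.14.1"\n' > "$TMP/new_pcl_config.h"
printf 'WITH_SYSTEM_ZLIB:BOOL=TRUE\n'  > "$TMP/cache_system.txt"
printf 'WITH_SYSTEM_ZLIB:BOOL=FALSE\n' > "$TMP/cache_bundled.txt"
: > "$TMP/cache_unset.txt"

for hdr in old_pcl_config.h new_pcl_config.h; do
    for cache in cache_system.txt cache_bundled.txt cache_unset.txt; do
        printf '%s + %s -> ' "$hdr" "$cache"
        assess "$TMP/$hdr" "$TMP/$cache"
    done
done
```

The version check deliberately stops at major.minor, since the advisory's boundary is 1.14.0; the cache check treats every CMake false constant as "bundled zlib", because passing -DWITH_SYSTEM_ZLIB=OFF or =0 has the same effect as =FALSE.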
📡 Detection & Monitoring
Log Indicators:
- Segmentation faults or memory-corruption diagnostics (for example from AddressSanitizer or glibc malloc checks) in processes that embed PCL, especially while they read externally supplied files.
Network Indicators:
- PCL itself is a library and opens no ports; watch instead for unusual or malformed compressed or point-cloud file uploads to network-facing services that process them with PCL.
SIEM Query:
source="*pcl*" AND (event="segmentation fault" OR event="memory corruption")