Description

In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab environments. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

INFO

Published Date :

2026-03-13T18:38:07.721Z

Last Modified :

2026-03-21T22:00:54.839Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-71263 vulnerability.

Vendors Products
At&t Bell Labs
  • Unix
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-71263.

URL Resource
http://www.openwall.com/lists/oss-security/2026/03/20/6 cve-icon
http://www.openwall.com/lists/oss-security/2026/03/21/4 cve-icon
https://discuss.systems/@ricci/115747843169814700 cve-icon cve-icon
https://sigma-star.at/blog/2025/12/unix-v4-buffer-overflow/ cve-icon cve-icon
https://www.spinellis.gr/blog/20251223/ cve-icon cve-icon
https://www.tuhs.org/pipermail/tuhs/2026-January/032991.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact