CVE-2025-6196: Integer Overflow or Wraparound
A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.
AI Analysis
Technical Summary
CVE-2025-6196 identifies an integer overflow or wraparound vulnerability in libgepub, a library responsible for parsing EPUB files. The issue occurs due to improper handling of file size calculations when opening specially crafted EPUB files, which leads to incorrect memory allocation sizes. This miscalculation can cause the application to crash, resulting in a denial of service condition. The vulnerability is particularly relevant for desktop services such as Tumbler, which may automatically process EPUB files when users browse directories, potentially triggering the flaw without explicit user intent to open the file. While no remote attack vector has been confirmed, any application that uses libgepub to parse EPUB content supplied by users could be vulnerable. The vulnerability does not affect confidentiality or integrity but impacts availability by causing crashes. The CVSS 3.1 score is 5.5 (medium severity), reflecting local attack vector, low complexity, no privileges required, but requiring user interaction. The flaw is present in Red Hat Enterprise Linux 7 and potentially other systems using libgepub. No known exploits are currently in the wild, and no patches have been linked yet. Organizations should monitor for updates and consider restricting automatic processing of EPUB files in vulnerable services.
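The bug class described above, as an added illustration that is not libgepub's own code: a bounds check on a member described by an untrusted file, where the 32-bit sum wraps and lets an oversized member pass, next to a hardened version. The struct and field names are constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed for this example: a record locating a member inside a
 * container file, with both fields read from the untrusted file.
 * This is not libgepub's own data structure. */
struct member {
    uint32_t offset;   /* start of the member inside the file */
    uint32_t length;   /* declared member size */
};

/* Unsafe check: offset + length is evaluated in 32-bit arithmetic, so an
 * offset near UINT32_MAX wraps the sum to a small value that passes the
 * comparison. A caller that later sizes a buffer or a read from these
 * fields ends up with an allocation that does not match the data. */
bool member_fits_unsafe(const struct member *m, uint32_t file_size)
{
    uint32_t end = m->offset + m->length;   /* may wrap around */
    return end <= file_size;
}

/* Hardened check: rearranged so no intermediate value can overflow.
 * length <= file_size is established first, so file_size - length cannot
 * underflow; then offset is compared against that remaining room.
 * (GCC/Clang's __builtin_add_overflow is an equivalent alternative.) */
bool member_fits_checked(const struct member *m, uint32_t file_size)
{
    if (m->length > file_size)
        return false;                        /* member alone exceeds the file */
    return m->offset <= file_size - m->length;
}

/* Allocation size for a member, or 0 when the header is inconsistent.
 * Callers treat 0 as a rejected member, never as "allocate nothing". */
uint32_t member_alloc_size(const struct member *m, uint32_t file_size)
{
    return member_fits_checked(m, file_size) ? m->length : 0;
}
```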
Potential Impact
For European organizations, this vulnerability primarily poses a risk of denial of service on systems that automatically process EPUB files using libgepub, such as desktop environments with Tumbler or similar services. This could disrupt user productivity or automated workflows that involve EPUB content. While the impact is limited to availability, critical systems relying on automated file previews or indexing could experience interruptions. Since the vulnerability requires user interaction (e.g., browsing a directory with a malicious EPUB), the risk is mitigated by user awareness and controlled file handling policies. However, organizations with extensive use of Red Hat Enterprise Linux 7 or other Linux distributions incorporating libgepub should be cautious, especially in environments where users frequently handle EPUB files. The lack of confidentiality or integrity impact reduces the risk of data breaches, but denial of service in operational environments could still have business continuity implications.
Mitigation Recommendations
To mitigate CVE-2025-6196, organizations should:
1) Monitor for and apply vendor patches or updates to libgepub and affected software (e.g., Red Hat Enterprise Linux 7) as soon as they become available.
2) Disable or restrict automatic processing of EPUB files in desktop services like Tumbler to prevent unintended parsing of malicious files.
3) Implement file type filtering and scanning policies to block or quarantine suspicious EPUB files from untrusted sources before they reach end-user systems.
4) Educate users to avoid opening or browsing directories containing untrusted EPUB files.
5) Consider sandboxing or isolating applications that parse EPUB files to limit the impact of potential crashes.
6) Use endpoint protection solutions capable of detecting abnormal application crashes or suspicious file activity related to EPUB processing.
These steps go beyond generic advice by focusing on controlling automatic EPUB processing and user interaction vectors specific to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-06-17T06:50:22.606Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 68517cf5a8c921274385d339
Added to database: 6/17/2025, 2:34:29 PM
Last enriched: 11/7/2025, 12:36:12 AM
Last updated: 11/20/2025, 5:36:50 PM