CVE-2025-6196: Integer Overflow or Wraparound in Red Hat Red Hat Enterprise Linux 7
A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.
AI Analysis
Technical Summary
CVE-2025-6196 is a medium-severity vulnerability identified in libgepub, a library utilized for reading EPUB files, present in Red Hat Enterprise Linux 7. The flaw arises from improper handling of file size calculations when processing specially crafted EPUB files, resulting in integer overflow or wraparound conditions. This miscalculation leads to incorrect memory allocation sizes, which can cause the consuming application to crash, effectively resulting in a denial of service (DoS). One known affected component is Tumbler, a desktop service that automatically processes files in directories, including EPUB files. Since Tumbler may parse malicious EPUB files without explicit user initiation, this increases the risk of triggering the vulnerability inadvertently. Although no direct remote exploitation vectors have been confirmed, any application that uses libgepub to parse user-supplied EPUB content could be vulnerable to DoS attacks if an attacker can supply malicious EPUB files. The vulnerability does not impact confidentiality or integrity but affects availability by causing application crashes. Exploitation requires local access or user interaction to open or browse directories containing malicious EPUB files. The CVSS 3.1 base score is 5.5, reflecting a medium severity with attack vector local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), and impact limited to availability (A:H). No known exploits are currently in the wild, and no patches or mitigations have been explicitly linked in the provided data.
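The summary above describes the general pattern: a length taken from the file is used in arithmetic that can wrap, and the wrapped value becomes the allocation size. The following C example, added here and not taken from libgepub or Red Hat, shows that pattern beside a hardened version. The header fields (content_len, extra_len), the loader function and the 64 MiB ceiling are constructed for illustration; they do not correspond to libgepub's real data structures or to the specific calculation in this CVE.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration, not libgepub's code: two declared lengths from an
 * untrusted file header are combined into an allocation size.  The header
 * layout, field names and the 64 MiB limit are constructed for this example. */

#define HYP_MAX_ENTRY_BYTES ((size_t)64 * 1024 * 1024)  /* constructed policy cap */

/* Unchecked pattern (CWE-190): the 32-bit sum wraps, so a huge declared
 * length yields a tiny allocation; the copy that follows overruns or the
 * process aborts.  Returns the (possibly wrapped) size. */
uint32_t unchecked_alloc_size(uint32_t content_len, uint32_t extra_len)
{
    return content_len + extra_len + 1u;  /* +1 for a terminating NUL; may wrap to 0 */
}

/* Hardened pattern: do the arithmetic with overflow detection in size_t,
 * then enforce a ceiling so an attacker-declared size cannot exhaust memory.
 * Returns 0 when the entry must be rejected (a valid size is always >= 1). */
size_t checked_alloc_size(uint32_t content_len, uint32_t extra_len)
{
    size_t total;
    if (__builtin_add_overflow((size_t)content_len, (size_t)extra_len, &total))
        return 0;
    if (__builtin_add_overflow(total, (size_t)1, &total))
        return 0;
    if (total > HYP_MAX_ENTRY_BYTES)
        return 0;
    return total;
}

/* Hardened loader: allocate with the checked size and copy only what the
 * caller actually has in memory (avail), never what the header claims.
 * Returns a NUL-terminated buffer or NULL on rejection. */
char *load_entry(uint32_t content_len, uint32_t extra_len,
                 const unsigned char *data, size_t avail)
{
    size_t need = checked_alloc_size(content_len, extra_len);
    if (need == 0)
        return NULL;
    /* The sum cannot overflow here: checked_alloc_size already proved it fits. */
    if ((size_t)content_len + (size_t)extra_len > avail)  /* header claims more than present */
        return NULL;
    char *buf = calloc(need, 1);
    if (buf == NULL)
        return NULL;
    memcpy(buf, data, (size_t)content_len + (size_t)extra_len);
    return buf;
}

int main(void)
{
    /* Constructed header values: content_len at UINT32_MAX makes the naive sum wrap. */
    uint32_t bad_content = UINT32_MAX, bad_extra = 0;
    printf("unchecked size: %u\n", unchecked_alloc_size(bad_content, bad_extra));  /* 0 */
    printf("checked size:   %zu\n", checked_alloc_size(bad_content, bad_extra));  /* 0 = rejected */

    const unsigned char sample[] = "chapter-1";  /* constructed payload, 9 bytes */
    char *entry = load_entry(6, 3, sample, sizeof sample - 1);
    printf("loaded: %s\n", entry ? entry : "(rejected)");
    free(entry);
    return 0;
}
```

The two defences are independent: overflow-checked arithmetic stops the wrap itself, and the ceiling stops a correctly computed but absurd size from turning into a memory-exhaustion crash, which is the availability impact the advisory describes. Bounding the copy by the bytes actually present, rather than by the header's claim, is what keeps a rejected or truncated entry from becoming an out-of-bounds read.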
Potential Impact
For European organizations, especially those using Red Hat Enterprise Linux 7 in desktop environments or on servers that process EPUB files via libgepub, this vulnerability poses a risk of denial of service. The impact is primarily on availability, potentially disrupting user workflows or automated services that rely on EPUB file processing. Organizations with automated file indexing or preview services (like Tumbler) may experience crashes or service interruptions if malicious EPUB files are introduced, either inadvertently or through targeted attacks. While the vulnerability does not allow for data theft or system compromise, repeated or large-scale exploitation could degrade service reliability and user productivity. Sectors with a high reliance on document processing, digital libraries, or content management systems that handle EPUB files should be particularly cautious. The absence of confirmed remote exploitation vectors reduces the risk from external attackers but does not eliminate the threat from insiders or from phishing campaigns that deliver malicious EPUB files to users.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should:
1) Update libgepub and related packages as soon as official patches or updates from Red Hat become available, ensuring the integer overflow issue is resolved.
2) Temporarily disable or restrict automatic processing of EPUB files by services like Tumbler, especially in environments where users frequently browse directories containing untrusted files.
3) Implement file validation and filtering at the gateway or endpoint level to detect and quarantine suspicious EPUB files before they reach vulnerable applications.
4) Educate users about the risks of opening EPUB files from untrusted sources and encourage cautious handling of email attachments or downloads.
5) Monitor application logs and system behavior for crashes or anomalies related to EPUB file processing to detect potential exploitation attempts early.
6) Consider sandboxing or isolating applications that parse EPUB files to contain potential crashes and prevent broader system impact.
These steps go beyond generic advice by focusing on controlling the specific attack vector (malicious EPUB files) and limiting automatic processing that could trigger the vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Belgium, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-06-17T06:50:22.606Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68517cf5a8c921274385d339
Added to database: 6/17/2025, 2:34:29 PM
Last enriched: 6/17/2025, 2:49:49 PM
Last updated: 8/15/2025, 4:28:07 PM