CVE-2025-65410 identifies a stack overflow vulnerability in the src/main.c source file of GNU Unrtf version 0.21.10. GNU Unrtf is an open-source utility designed to convert Rich Text Format (RTF) documents into other formats such as HTML or LaTeX. The vulnerability arises from improper handling of the filename parameter, where an attacker can inject crafted input that exceeds the buffer size allocated on the stack. This overflow can overwrite the stack frame, leading to application crashes or abnormal termination, resulting in a Denial of Service (DoS). The vulnerability does not appear to allow arbitrary code execution or privilege escalation but disrupts service availability. Exploitation requires the attacker to supply malicious input directly to the filename parameter, which may be possible in scenarios where untrusted input is processed by GNU Unrtf. No authentication is required, and no user interaction beyond supplying the crafted input is necessary. Currently, there are no patches or fixes publicly available, and no known exploits have been observed in the wild. The lack of a CVSS score means severity must be assessed based on impact and exploitability factors. Given the nature of the vulnerability, it primarily threatens availability rather than confidentiality or integrity. The scope is limited to systems running the vulnerable version of GNU Unrtf, which is commonly used in document conversion pipelines, especially in open-source environments.

For European organizations, the primary impact of CVE-2025-65410 is the potential disruption of document processing workflows that rely on GNU Unrtf. This can lead to denial of service conditions where automated systems fail to convert RTF documents, potentially delaying business operations, document management, or data exchange processes. Sectors such as government, legal, publishing, and education that handle large volumes of RTF documents may experience operational interruptions. Although the vulnerability does not appear to enable data breaches or code execution, the loss of availability can affect service reliability and user trust. In critical infrastructure environments where document processing is part of larger automated workflows, this could cascade into broader operational issues. The absence of known exploits reduces immediate risk, but the vulnerability remains a concern until patched. Organizations using GNU Unrtf in exposed or internet-facing environments are at higher risk of exploitation attempts.

To mitigate CVE-2025-65410, organizations should first inventory their use of GNU Unrtf and identify any systems running version 0.21.10 or earlier. Until a patch is released, restrict access to the GNU Unrtf utility to trusted users and systems only, preventing untrusted input from reaching the filename parameter. Implement input validation and sanitization controls at the application or network level to detect and block malformed filename inputs that could trigger the overflow. Consider isolating the document conversion process in sandboxed or containerized environments to limit the impact of potential crashes. Monitor logs and system behavior for signs of crashes or abnormal terminations related to GNU Unrtf usage. Engage with the GNU Unrtf maintainers or community to obtain patches or updates addressing this vulnerability. Where possible, replace GNU Unrtf with alternative, actively maintained document conversion tools that do not exhibit this vulnerability. Finally, educate developers and system administrators about safe handling of untrusted input parameters in document processing workflows.