INFSA-2025:7484: gvisor-tap-vsock security update
Information about definition
Identificator: INFSA-2025:7484
Type: security
Release date: 2025-07-15 19:46:19 UTC
Information about package
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.
Vulnerabilities description
- CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.
Severity level
CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
---|
Updated packages