INFSA-2025:7484: gvisor-tap-vsock security update

Information about definition

Identificator: INFSA-2025:7484

Type: security

Release date: 2025-07-15 19:46:19 UTC

Information about package

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.

Vulnerabilities description

  • CVE-2025-22869

    SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Severity level

CVE Score CVSS 2.0 Score CVSS 3.x Score CVSS 4.0
Critical, important, moderate, low

Updated packages