gvisor-tap-vsock-0.8.5-1.el9_5

エラータID: AXSA:2025-9855:01

リリース日: 
2025/04/17 Thursday - 10:35
題名: 
gvisor-tap-vsock-0.8.5-1.el9_5
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.

Security Fix(es):

* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

解決策: 

Update packages.

CVE: 
CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. gvisor-tap-vsock-0.8.5-1.el9_5.src.rpm
    MD5: 0305997b12c69b45a6a8796f459dc145
    SHA-256: fe9e411252ee032349409c661f1c87d0f365736fab6ca72dc0ea9a9b90fe27cd
    Size: 10.25 MB

Asianux Server 9 for x86_64
  1. gvisor-tap-vsock-0.8.5-1.el9_5.x86_64.rpm
    MD5: a175eb2023b191b315af9a85a0c52ed1
    SHA-256: 414898885abbbebf62a4c28e6229719c250df614acd1946cd8f406db1fdd9adc
    Size: 5.64 MB