Bug 2372306 (CVE-2025-40914)
| Summary: | CVE-2025-40914 cryptx: Perl CryptX code execution via integer overflow | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A critical integer overflow vulnerability has been discovered in the CPAN CryptX module. This flaw is inherited from an underlying dependency within the module. If successfully exploited, this vulnerability could lead to arbitrary code execution, allowing an attacker to gain full control over the affected system.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2372355, 2372356, 2372357, 2372358 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2025-06-11 15:01:54 UTC
|