Bug 2403180 (CVE-2025-61919)
| Summary: | CVE-2025-61919 rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | akostadi, amasferr, anthomas, cbartlet, crizzo, dmayorov, eglynn, ehelms, ggainey, jcantril, jjoyce, jlledo, jschluet, juwatts, jvasik, kaycoth, lhh, lsvaty, mburns, mgarciac, mhulan, mmakovy, nmoumoul, osousa, pantinor, pcreech, pgrist, rblanco, rchan, rojacob, smallamp, tjochec, tmalecek, tsedmik, vmugicag |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2403521, 2403522, 2403523, 2403524, 2403525 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2025-10-10 20:01:43 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:19513 https://access.redhat.com/errata/RHSA-2025:19513 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:19512 https://access.redhat.com/errata/RHSA-2025:19512 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:19647 https://access.redhat.com/errata/RHSA-2025:19647 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:19719 https://access.redhat.com/errata/RHSA-2025:19719 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:19733 https://access.redhat.com/errata/RHSA-2025:19733 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:19734 https://access.redhat.com/errata/RHSA-2025:19734 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:19736 https://access.redhat.com/errata/RHSA-2025:19736 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:19800 https://access.redhat.com/errata/RHSA-2025:19800 This issue has been addressed in the following products: Red Hat Satellite 6.17 for RHEL 9 Via RHSA-2025:19832 https://access.redhat.com/errata/RHSA-2025:19832 This issue has been addressed in the following products: Red Hat Satellite 6.16 for RHEL 8 Red Hat Satellite 6.16 for RHEL 9 Via RHSA-2025:19855 https://access.redhat.com/errata/RHSA-2025:19855 This issue has been addressed in the following products: Red Hat Satellite 6.15 for RHEL 8 Via RHSA-2025:19856 https://access.redhat.com/errata/RHSA-2025:19856 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:19948 https://access.redhat.com/errata/RHSA-2025:19948 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:20962 https://access.redhat.com/errata/RHSA-2025:20962 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:21036 https://access.redhat.com/errata/RHSA-2025:21036 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:21696 https://access.redhat.com/errata/RHSA-2025:21696 |