Synopsis
Moderate: gvisor-tap-vsock security update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.
Security Fix(es):
- net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
Fixes
-
BZ - 2358493
- CVE-2025-22871 net/http: Request smuggling due to acceptance of invalid chunked data in net/http
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| x86_64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: 0137738e5b051e955a9564c862091da350eea31e44326f5f00b5bb127205c34a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: f0ff7b320188d5e77739d1ecf462d43512f80c1a5718f8108157227afdc3fc9a |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: bfa2aa3e0dad6bd771bfc0302c484e1a77f7f96ea9a6d789110db41d5cdf4178 |
Red Hat Enterprise Linux Server - AUS 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| x86_64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: 0137738e5b051e955a9564c862091da350eea31e44326f5f00b5bb127205c34a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: f0ff7b320188d5e77739d1ecf462d43512f80c1a5718f8108157227afdc3fc9a |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: bfa2aa3e0dad6bd771bfc0302c484e1a77f7f96ea9a6d789110db41d5cdf4178 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| s390x |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 842f4e33b172f44cc2f1166db2a2774343d69b23e6f0a0972092fad5d821095a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 293490d0d1b613d84d093df118da7be0bbfc6eb84bf939450f05de9e13a44978 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: ee351916d0af35bcca2fd2985304fe4054ea82bf6bcc24325ba6da24459e52d9 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| ppc64le |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 9dae5865cb4ebdf837009fa624aa535366b32af75ad14f532a6e04a094a5750b |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: fffa3e27343d39ac63e391367c42276ed1b7ea9f406c0e6ec800dc100a264baa |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 233e8f6989722ccfc24b12466c6bcc47c2acae9b0a407100528cf9facc6e2561 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| aarch64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 59a2d8980146d96b037b61828aa16fe0df8339172ddc47b27bd5bba66ac6344f |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 26f3372b268967b48be2efb3617bcd22ea20677ad0ee19325ac8a80ce6801ae6 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: e07e561a6d051b0e99aecfd1c0d557939c3906a0ec4f7877197507eea560f846 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| ppc64le |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 9dae5865cb4ebdf837009fa624aa535366b32af75ad14f532a6e04a094a5750b |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: fffa3e27343d39ac63e391367c42276ed1b7ea9f406c0e6ec800dc100a264baa |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 233e8f6989722ccfc24b12466c6bcc47c2acae9b0a407100528cf9facc6e2561 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| x86_64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: 0137738e5b051e955a9564c862091da350eea31e44326f5f00b5bb127205c34a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: f0ff7b320188d5e77739d1ecf462d43512f80c1a5718f8108157227afdc3fc9a |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: bfa2aa3e0dad6bd771bfc0302c484e1a77f7f96ea9a6d789110db41d5cdf4178 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| aarch64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 59a2d8980146d96b037b61828aa16fe0df8339172ddc47b27bd5bba66ac6344f |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 26f3372b268967b48be2efb3617bcd22ea20677ad0ee19325ac8a80ce6801ae6 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: e07e561a6d051b0e99aecfd1c0d557939c3906a0ec4f7877197507eea560f846 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| s390x |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 842f4e33b172f44cc2f1166db2a2774343d69b23e6f0a0972092fad5d821095a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 293490d0d1b613d84d093df118da7be0bbfc6eb84bf939450f05de9e13a44978 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: ee351916d0af35bcca2fd2985304fe4054ea82bf6bcc24325ba6da24459e52d9 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| x86_64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: 0137738e5b051e955a9564c862091da350eea31e44326f5f00b5bb127205c34a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: f0ff7b320188d5e77739d1ecf462d43512f80c1a5718f8108157227afdc3fc9a |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.x86_64.rpm
|
SHA-256: bfa2aa3e0dad6bd771bfc0302c484e1a77f7f96ea9a6d789110db41d5cdf4178 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| aarch64 |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 59a2d8980146d96b037b61828aa16fe0df8339172ddc47b27bd5bba66ac6344f |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: 26f3372b268967b48be2efb3617bcd22ea20677ad0ee19325ac8a80ce6801ae6 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.aarch64.rpm
|
SHA-256: e07e561a6d051b0e99aecfd1c0d557939c3906a0ec4f7877197507eea560f846 |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| ppc64le |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 9dae5865cb4ebdf837009fa624aa535366b32af75ad14f532a6e04a094a5750b |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: fffa3e27343d39ac63e391367c42276ed1b7ea9f406c0e6ec800dc100a264baa |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.ppc64le.rpm
|
SHA-256: 233e8f6989722ccfc24b12466c6bcc47c2acae9b0a407100528cf9facc6e2561 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4
| SRPM |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.src.rpm
|
SHA-256: a0db991c92fbe5ebe9b1025d4a1c02537ed1fa69b5c6e292606866289c1c6127 |
| s390x |
|
gvisor-tap-vsock-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 842f4e33b172f44cc2f1166db2a2774343d69b23e6f0a0972092fad5d821095a |
|
gvisor-tap-vsock-debuginfo-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: 293490d0d1b613d84d093df118da7be0bbfc6eb84bf939450f05de9e13a44978 |
|
gvisor-tap-vsock-debugsource-0.7.3-5.el9_4.2.s390x.rpm
|
SHA-256: ee351916d0af35bcca2fd2985304fe4054ea82bf6bcc24325ba6da24459e52d9 |
