概述
Important: gvisor-tap-vsock security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.
Security Fix(es):
- crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
- golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
- crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
- net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x
修复
-
BZ - 2418462
- CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
-
BZ - 2434432
- CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url
-
BZ - 2437111
- CVE-2025-68121 crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
-
BZ - 2445356
- CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| x86_64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 12a929d6937cacae3cd7dd9c5938b7e758cd14198fd74df292472431e0ef246c |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 53e8e50cfe9a464d97bf98d7e1e4d94045e4c34eeb5769c036bafc2df2806d48 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: d4c7bc063f0d1a3a641f24c9ff786c92f8d989e0d7a929292f1d58b2f2893f07 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: f8ab8c92191a3e2fff62e945ca4a5ca7eb91d5854240975524612214395df379 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 740f025ab7e648fc377766c986e30f174cbd8c5038ae14d250e2b51eef85d627 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| x86_64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 12a929d6937cacae3cd7dd9c5938b7e758cd14198fd74df292472431e0ef246c |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 53e8e50cfe9a464d97bf98d7e1e4d94045e4c34eeb5769c036bafc2df2806d48 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: d4c7bc063f0d1a3a641f24c9ff786c92f8d989e0d7a929292f1d58b2f2893f07 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: f8ab8c92191a3e2fff62e945ca4a5ca7eb91d5854240975524612214395df379 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 740f025ab7e648fc377766c986e30f174cbd8c5038ae14d250e2b51eef85d627 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| s390x |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 4150c4ab5d6486f9bc20b34716f9dbbd1c8e4f6fbecbb2612f6fee97b3338457 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c20854a9f864d4235a417d9875a5577d69e81bc7253a180d8eac36e94d7b72e9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 6a1e0dc5e5a29e5d2de2524d2854a39a14bca9d2b55625b593e2af5dd604d6fc |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c625066663b0f9bdb2fc1ef5ea670b67953b16f2a20754cca3106ff885235cee |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 3fbab3b50e2c34767cadbe90b658f78be39238b17869f64be6a1519c8fb0c4a9 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| ppc64le |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: e25105da8a69984514c837e152f3a5ff98074a4c02b7ed14bf1f75dd51340b49 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 8d948ca8ba11f8c7294ef81b1063c4805624abb906c82423a1b5e91f47007fcc |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 25646fa3ad12fef5efb53329a85e57afcfb6ed061cbb1c527e547f067c810874 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 194511a1620d85aadfdddba5d78a651de3aaf77acb6d4b2b780a6ad1807a489b |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: a95ffee6e0f8238e1a6f2b2bb88499c916b154ae4b42ab3a750f83b699350a50 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| aarch64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: cf62f0e7b4e8fd925ceef565d60cee5fbfecd6d8156faae5ea19eb17cea0a3ef |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 96d55bd0df4b380f022a369ea937b0aa6b7e8cb89b431fe8987426fb177f7fe9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 88eb3224978c8146eac0275254bc77608fd2f9bfae31650a6ec617c62b27a32f |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a780cb5e8a3d71c5ee46a9d08be402094027d9d196bcf1f4b7a4646ae0018656 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a98fbed37400871d9a0aa25addcb11ca6d7d0a99b6eeae1ba5e524412de0fcdc |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| ppc64le |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: e25105da8a69984514c837e152f3a5ff98074a4c02b7ed14bf1f75dd51340b49 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 8d948ca8ba11f8c7294ef81b1063c4805624abb906c82423a1b5e91f47007fcc |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 25646fa3ad12fef5efb53329a85e57afcfb6ed061cbb1c527e547f067c810874 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 194511a1620d85aadfdddba5d78a651de3aaf77acb6d4b2b780a6ad1807a489b |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: a95ffee6e0f8238e1a6f2b2bb88499c916b154ae4b42ab3a750f83b699350a50 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| x86_64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 12a929d6937cacae3cd7dd9c5938b7e758cd14198fd74df292472431e0ef246c |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 53e8e50cfe9a464d97bf98d7e1e4d94045e4c34eeb5769c036bafc2df2806d48 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: d4c7bc063f0d1a3a641f24c9ff786c92f8d989e0d7a929292f1d58b2f2893f07 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: f8ab8c92191a3e2fff62e945ca4a5ca7eb91d5854240975524612214395df379 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 740f025ab7e648fc377766c986e30f174cbd8c5038ae14d250e2b51eef85d627 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| aarch64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: cf62f0e7b4e8fd925ceef565d60cee5fbfecd6d8156faae5ea19eb17cea0a3ef |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 96d55bd0df4b380f022a369ea937b0aa6b7e8cb89b431fe8987426fb177f7fe9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 88eb3224978c8146eac0275254bc77608fd2f9bfae31650a6ec617c62b27a32f |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a780cb5e8a3d71c5ee46a9d08be402094027d9d196bcf1f4b7a4646ae0018656 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a98fbed37400871d9a0aa25addcb11ca6d7d0a99b6eeae1ba5e524412de0fcdc |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| s390x |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 4150c4ab5d6486f9bc20b34716f9dbbd1c8e4f6fbecbb2612f6fee97b3338457 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c20854a9f864d4235a417d9875a5577d69e81bc7253a180d8eac36e94d7b72e9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 6a1e0dc5e5a29e5d2de2524d2854a39a14bca9d2b55625b593e2af5dd604d6fc |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c625066663b0f9bdb2fc1ef5ea670b67953b16f2a20754cca3106ff885235cee |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 3fbab3b50e2c34767cadbe90b658f78be39238b17869f64be6a1519c8fb0c4a9 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| x86_64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 12a929d6937cacae3cd7dd9c5938b7e758cd14198fd74df292472431e0ef246c |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 53e8e50cfe9a464d97bf98d7e1e4d94045e4c34eeb5769c036bafc2df2806d48 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: d4c7bc063f0d1a3a641f24c9ff786c92f8d989e0d7a929292f1d58b2f2893f07 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: f8ab8c92191a3e2fff62e945ca4a5ca7eb91d5854240975524612214395df379 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.x86_64.rpm
|
SHA-256: 740f025ab7e648fc377766c986e30f174cbd8c5038ae14d250e2b51eef85d627 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| aarch64 |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: cf62f0e7b4e8fd925ceef565d60cee5fbfecd6d8156faae5ea19eb17cea0a3ef |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 96d55bd0df4b380f022a369ea937b0aa6b7e8cb89b431fe8987426fb177f7fe9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: 88eb3224978c8146eac0275254bc77608fd2f9bfae31650a6ec617c62b27a32f |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a780cb5e8a3d71c5ee46a9d08be402094027d9d196bcf1f4b7a4646ae0018656 |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.aarch64.rpm
|
SHA-256: a98fbed37400871d9a0aa25addcb11ca6d7d0a99b6eeae1ba5e524412de0fcdc |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| ppc64le |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: e25105da8a69984514c837e152f3a5ff98074a4c02b7ed14bf1f75dd51340b49 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 8d948ca8ba11f8c7294ef81b1063c4805624abb906c82423a1b5e91f47007fcc |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 25646fa3ad12fef5efb53329a85e57afcfb6ed061cbb1c527e547f067c810874 |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: 194511a1620d85aadfdddba5d78a651de3aaf77acb6d4b2b780a6ad1807a489b |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.ppc64le.rpm
|
SHA-256: a95ffee6e0f8238e1a6f2b2bb88499c916b154ae4b42ab3a750f83b699350a50 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6
| SRPM |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.src.rpm
|
SHA-256: db2a8e7b6dfdccc39d4a1888fbb669676a482ce86c61b17ea9b006a39a3a022e |
| s390x |
|
gvisor-tap-vsock-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 4150c4ab5d6486f9bc20b34716f9dbbd1c8e4f6fbecbb2612f6fee97b3338457 |
|
gvisor-tap-vsock-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c20854a9f864d4235a417d9875a5577d69e81bc7253a180d8eac36e94d7b72e9 |
|
gvisor-tap-vsock-debugsource-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 6a1e0dc5e5a29e5d2de2524d2854a39a14bca9d2b55625b593e2af5dd604d6fc |
|
gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: c625066663b0f9bdb2fc1ef5ea670b67953b16f2a20754cca3106ff885235cee |
|
gvisor-tap-vsock-gvforwarder-debuginfo-0.8.5-2.el9_6.1.s390x.rpm
|
SHA-256: 3fbab3b50e2c34767cadbe90b658f78be39238b17869f64be6a1519c8fb0c4a9 |
