ASA-202506-9 log raw

[ASA-202506-9] sslh: denial of service
Arch Linux Security Advisory ASA-202506-9 ========================================= Severity: Medium Date : 2025-06-21 CVE-ID : CVE-2025-46807 Package : sslh Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2902 Summary ======= The package sslh before version 2.2.4-1 is vulnerable to denial of service. Resolution ========== Upgrade to 2.2.4-1. # pacman -Syu "sslh>=2.2.4-1" The problem has been fixed upstream in version 2.2.4. Workaround ========== None. Description =========== A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service. Impact ====== A remote attacker could exhaust file descriptors by opening multiple incomplete connections, leading to denial of service. References ========== https://security.opensuse.org/2025/06/13/sslh-denial-of-service-vulnerabilities.html#issue-segfault https://github.com/yrutschle/sslh/commit/ff8206f7c8a47f901b78a1b78db5a4c788f6aa6f https://github.com/yrutschle/sslh/releases/tag/v2.2.4 https://security.archlinux.org/CVE-2025-46807

[ASA-202506-9] sslh: denial of service

Arch Linux Security Advisory ASA-202506-9 ========================================= Severity: Medium Date : 2025-06-21 CVE-ID : CVE-2025-46807 Package : sslh Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2902 Summary ======= The package sslh before version 2.2.4-1 is vulnerable to denial of service. Resolution ========== Upgrade to 2.2.4-1. # pacman -Syu "sslh>=2.2.4-1" The problem has been fixed upstream in version 2.2.4. Workaround ========== None. Description =========== A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service. Impact ====== A remote attacker could exhaust file descriptors by opening multiple incomplete connections, leading to denial of service. References ========== https://security.opensuse.org/2025/06/13/sslh-denial-of-service-vulnerabilities.html#issue-segfault https://github.com/yrutschle/sslh/commit/ff8206f7c8a47f901b78a1b78db5a4c788f6aa6f https://github.com/yrutschle/sslh/releases/tag/v2.2.4 https://security.archlinux.org/CVE-2025-46807