ALSA-2025:9151

[ALSA-2025:9151] Moderate: gvisor-tap-vsock security update

Type:

security

Severity:

moderate

Release date:

2025-06-17

Description:

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.aarch64.rpm	2647c084a013773aa56396c46decfee2c574c74e6fcfd691f57132e8d46b7c15
aarch64	gvisor-tap-vsock-0.8.5-2.el10_0.aarch64.rpm	7143bb50c188f9d9f5ab3b4c430b497ca165ff582d206930eb169c29a916202a
ppc64le	gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.ppc64le.rpm	22b9cb19a23cf1db9d733e46e3b4b31e2fe990c1ca05317c3c4c1b7890bbba5d
ppc64le	gvisor-tap-vsock-0.8.5-2.el10_0.ppc64le.rpm	78c68db572f2b7918800e19cff06804eedee25f86e6a3f55ceb0e83a70451a98
s390x	gvisor-tap-vsock-0.8.5-2.el10_0.s390x.rpm	5c67abd0dafa7edcf0067c205f6592c14d9aeb6b6909d3dd167dee3e56d250cc
s390x	gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.s390x.rpm	a405bcb3a3d06d3392a839fb0e3b0c3470e1fa60348595f3aa3b474b5efdbbc7
x86_64	gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.x86_64.rpm	d77117cbcdd5f2bba2c66a303180a1995e51bef08ad67ee29f0ae554fa17c598
x86_64	gvisor-tap-vsock-0.8.5-2.el10_0.x86_64.rpm	e9e676850efd20711a2a4594d651c2112454a50f0c6dddf807b5189c34176d8c
x86_64_v2	gvisor-tap-vsock-gvforwarder-0.8.5-2.el10_0.x86_64_v2.rpm	4c9ad813f38f82e20a695eadd8cdd14766895cd658b96905127e84e141a98a4c
x86_64_v2	gvisor-tap-vsock-0.8.5-2.el10_0.x86_64_v2.rpm	e5073cd2a559260b30e1d3ce8ca22009290b1148ba5238b848fc509927596dc9

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.