[ALSA-2025:3833] Important: gvisor-tap-vsock security update
Type:
security
Severity:
important
Release date:
2025-04-15
Description:
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 gvisor-tap-vsock-0.8.5-1.el9_5.aarch64.rpm 8444ac2d5604d43a31c3af698f15cf849fa0fb116a34ae9f45d8e7e5d65ab388
ppc64le gvisor-tap-vsock-0.8.5-1.el9_5.ppc64le.rpm 55b13f4d3c043f2a82f7f9f7a50ecdd05e5309b9582e7096c8f2cc604d83a5ac
s390x gvisor-tap-vsock-0.8.5-1.el9_5.s390x.rpm 9b2efd82d857b25fd7b1e4fcc78fdf4eb2a079a55679e86bbeaf4a5703c89659
x86_64 gvisor-tap-vsock-0.8.5-1.el9_5.x86_64.rpm 5dd7d5b8cb7c8fbc03988e75224c9fc4624ce4b62dd428e0804a27016c496a0d
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.