ALSA-2025:9150

[ALSA-2025:9150] Moderate: gvisor-tap-vsock security update

Type:

security

Severity:

moderate

Release date:

2025-06-17

Description:

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.  

Security Fix(es):  

  * net/[http:](http:) Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gvisor-tap-vsock-0.8.5-2.el9_6.aarch64.rpm	4d17c14d80173eae3eb78f2083fbdc9e96bc33c1623e250a06f928b6d9761395
aarch64	gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.aarch64.rpm	6f97b4df4b21158a9560bbcee12d071f8d14c82b8d0bf233570d9dd794e2c38e
ppc64le	gvisor-tap-vsock-0.8.5-2.el9_6.ppc64le.rpm	370d24a4b7384eeebbed2f1bc06a6c2dd9a69242b044e83e78967e6d0ef1f003
ppc64le	gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.ppc64le.rpm	dcf1aeeb73392783fb2ef9cce71203700d4f8262678eab9835ad6db0d5d377d4
s390x	gvisor-tap-vsock-0.8.5-2.el9_6.s390x.rpm	0b308b3657ef88e07325d447070e7f048d1a5174302b05488f09c1976b06617f
s390x	gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.s390x.rpm	fb204571f4b629e9b7aa3b26566ff2f2d0bafe02187181ce53b83b70fd9f5ea8
x86_64	gvisor-tap-vsock-0.8.5-2.el9_6.x86_64.rpm	1c7df3c92f525ad936c4e9d5be5f07fbf0520f35a824e25ad031ac58717e1a65
x86_64	gvisor-tap-vsock-gvforwarder-0.8.5-2.el9_6.x86_64.rpm	6e658fb0c42ba769e6541b9a7bf381cc1c5061d5be7d8feae0ea6b3a96a1a390

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.