16 matches found
SUSE: Security Advisory (SUSE-SU-2025:03198-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for curl
This update for curl fixes the following issues: Update to version 8.14.1 jscPED-13055, jscPED-13056. Security issues fixed: CVE-2025-0665: eventfd double close can cause libcurl to act unreliably bsc1236589. CVE-2025-4947: QUIC certificate check is skipped with wolfSSL allows for MITM attacks...
Azure Linux 3.0 Security Update: curl / mysql (CVE-2025-0665)
The version of curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0665 advisory. - libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channe...
CBL Mariner 2.0 Security Update: curl / mysql (CVE-2025-0665)
The version of curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0665 advisory. - libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channe...
K000150939: cURL vulnerability CVE-2025-0665
Security Advisory Description libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. CVE-2025-0665 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
CVE-2025-0665 affecting package curl for versions less than 8.11.1-3
CVE-2025-0665 affecting package curl for versions less than 8.11.1-3. A patched version of the package is available...
Curl < 8.12.0 Double Close (CVE-2025-0665)
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...
BELL-CVE-2025-0665
Bulletin has no description...
DEBIAN-CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2025-0665 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2025-0665 eventfd double close
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
CVE-2025-0665 affects libcurl/curl. The issue is double-closing the same eventfd file descriptor when bringing down a connection channel after a threaded name resolve, leading to potential instability and misbehavior. Several sources note that this can allow a remote attacker to execute arbitrary...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...
curl: CVE-2025-0665: eventfd double close
Summary: GitHub issue 15725 describes a double close in libcurl 8.11.1. I believe that a double close in multi threaded code should be considered a security vulnerability. A fix already exists for this, so it should be good in the next release. I am not 100% sure this is the place to be making su...