vulnerability
FreeBSD: VID-eed1a411-699b-11f0-91fe-000c295725e4 (CVE-2025-24294): rubygem-resolv -- Possible denial of service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jul 25, 2025 | Jul 26, 2025 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 25, 2025
Added
Jul 26, 2025
Modified
Dec 10, 2025
Description
Manu reports: The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
Solutions
freebsd-upgrade-package-rubygem-resolvfreebsd-upgrade-package-rubyfreebsd-upgrade-package-ruby32freebsd-upgrade-package-ruby33freebsd-upgrade-package-ruby34freebsd-upgrade-package-ruby35
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.