vulnerability
Rocky Linux: CVE-2025-61729: yggdrasil (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jan 22, 2026 | Jan 26, 2026 | Mar 31, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jan 22, 2026
Added
Jan 26, 2026
Modified
Mar 31, 2026
Description
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Solutions
rocky-upgrade-aardvark-dnsrocky-upgrade-buildahrocky-upgrade-buildah-debuginforocky-upgrade-buildah-debugsourcerocky-upgrade-buildah-testsrocky-upgrade-buildah-tests-debuginforocky-upgrade-conmonrocky-upgrade-conmon-debuginforocky-upgrade-conmon-debugsourcerocky-upgrade-containernetworking-pluginsrocky-upgrade-containernetworking-plugins-debuginforocky-upgrade-containernetworking-plugins-debugsourcerocky-upgrade-containers-commonrocky-upgrade-critrocky-upgrade-criurocky-upgrade-criu-debuginforocky-upgrade-criu-debugsourcerocky-upgrade-criu-develrocky-upgrade-criu-libsrocky-upgrade-criu-libs-debuginforocky-upgrade-crunrocky-upgrade-crun-debuginforocky-upgrade-crun-debugsourcerocky-upgrade-delverocky-upgrade-delve-debuginforocky-upgrade-delve-debugsourcerocky-upgrade-fuse-overlayfsrocky-upgrade-fuse-overlayfs-debuginforocky-upgrade-fuse-overlayfs-debugsourcerocky-upgrade-git-lfsrocky-upgrade-git-lfs-debuginforocky-upgrade-git-lfs-debugsourcerocky-upgrade-go-toolsetrocky-upgrade-golangrocky-upgrade-golang-binrocky-upgrade-golang-github-openprinting-ipp-usb-debugsourcerocky-upgrade-golang-racerocky-upgrade-grafanarocky-upgrade-grafana-debuginforocky-upgrade-grafana-debugsourcerocky-upgrade-grafana-pcprocky-upgrade-grafana-pcp-debuginforocky-upgrade-grafana-pcp-debugsourcerocky-upgrade-grafana-selinuxrocky-upgrade-ipp-usbrocky-upgrade-ipp-usb-debuginforocky-upgrade-libslirprocky-upgrade-libslirp-debuginforocky-upgrade-libslirp-debugsourcerocky-upgrade-libslirp-develrocky-upgrade-netavarkrocky-upgrade-oci-seccomp-bpf-hookrocky-upgrade-oci-seccomp-bpf-hook-debuginforocky-upgrade-oci-seccomp-bpf-hook-debugsourcerocky-upgrade-opentelemetry-collectorrocky-upgrade-podmanrocky-upgrade-podman-catatonitrocky-upgrade-podman-catatonit-debuginforocky-upgrade-podman-debuginforocky-upgrade-podman-debugsourcerocky-upgrade-podman-gvproxyrocky-upgrade-podman-gvproxy-debuginforocky-upgrade-podman-pluginsrocky-upgrade-podman-plugins-debuginforocky-upgrade-podman-remoterocky-upgrade-podman-remote-debuginforocky-upgrade-podman-testsrocky-upgrade-podman-tests-debuginforocky-upgrade-python3-criurocky-upgrade-runcrocky-upgrade-runc-debuginforocky-upgrade-runc-debugsourcerocky-upgrade-skopeorocky-upgrade-skopeo-debuginforocky-upgrade-skopeo-debugsourcerocky-upgrade-skopeo-testsrocky-upgrade-slirp4netnsrocky-upgrade-slirp4netns-debuginforocky-upgrade-slirp4netns-debugsourcerocky-upgrade-toolboxrocky-upgrade-toolbox-debuginforocky-upgrade-toolbox-debugsourcerocky-upgrade-toolbox-testsrocky-upgrade-yggdrasilrocky-upgrade-yggdrasil-debuginforocky-upgrade-yggdrasil-debugsourcerocky-upgrade-yggdrasil-devel
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.