CNNVD-202507-003 Information

CNNVD ID

CNNVD-202507-003

Related CVE

CVE-2025-6297

• CNNVD Published: 2025-07-01

Description (Chinese)

dpkg-deb是Debian社区的一个Linux中的软件包管理器。 dpkg-deb存在安全漏洞，该漏洞源于目录权限清理不当，可能导致拒绝服务攻击。

Description (English)

dpkg-deb is a software package manager in Linux in the Debian community. There is a security loophole in dpkg-deb, which stems from inadequate cataloguing and may lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Debian

Published

2025-07-01

Last Modified

2026-02-24

References

https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82 https://vigilance.fr/vulnerability/Fedora-dpkg-disk-space-leak-dated-22-07-2025-47765 https://access.redhat.com/security/cve/cve-2025-6297 https://nvd.nist.gov/vuln/detail/CVE-2025-6297

Patch

https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82