CNNVD-202507-3669 Information

CNNVD ID

CNNVD-202507-3669

Related CVE

CVE-2025-54410

• CNNVD Published: 2025-07-30

Description (Chinese)

Moby是Moby开源的一个开源项目。旨在推动软件的容器化，并帮助生态系统使容器技术主流化。 Moby 28.0.0之前版本存在安全漏洞，该漏洞源于firewalld重新加载时未重新创建iptables规则，可能导致容器间网络隔离失效。

Description (English)

Moby is an open source project for Moby open source. The aim is to promote the packaging of software and help ecosystems to mainstream packaging technology. A security loophole existed in the previous Moby 28.0.0 version, which stemmed from the failure to recreate the ptables rule at the time of the reloading of Fairewalld, which could result in the failure of network separation between containers.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Moby

Published

2025-07-30

Last Modified

2026-02-24

References

https://github.com/moby/moby/security/advisories/GHSA-4vq8-7jfc-9cvp https://firewalld.org/documentation/howto/reload-firewalld.html https://access.redhat.com/security/cve/cve-2025-54410 https://vigilance.fr/vulnerability/Docker-Moby-denial-of-service-via-firewalld-47811 https://nvd.nist.gov/vuln/detail/CVE-2025-54410

Patch

https://github.com/moby/moby/releases