Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 41: FEDORA-2025-297c7ac7fe critical: keylime-agent-rust double-free

fedora
Calendar Grey June 25, 2025
Dist Fedora Esm H88
Explore Fedora 41's keylime-agent-Rust security advisory addressing critical Punycode decoding issues.
Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when dec...

Summary

Rust agent for Keylime

Update Information:

Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop)

Topics%20covered

Topics Covered

security advisory security issue fedora critical double-free punycode

Change Log

* Mon Jun 16 2025 Fabio Valentini - 0.2.7-5 - Rebuild for idna crate >= v1.0.0 (CVE-2024-12224)

References


[ 1 ] Bug #2366525 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366525 [ 2 ] Bug #2366527 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366527 [ 3 ] Bug #2370559 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370559 [ 4 ] Bug #2370561 - CVE-2024-12224 awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370561 [ 5 ] Bug #2370566 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370566 [ 6 ] Bug #2370568 - CVE-2024-12224 keylime-agent-rust:...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-297c7ac7fe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: keylime-agent-rust
Product: Fedora 41
Version: 0.2.7
Release: 5.fc41
URL: https://github.com/keylime/rust-keylime/
Summary: Rust agent for Keylime

Topics%20covered

Topics Covered

security advisory security issue fedora critical double-free punycode

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here