Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42: 2025-e4d441a4dd critical: incus denial of service fixes

fedora
Calendar Grey May 7, 2025
Dist Fedora Esm H88
Update to Incus 6.12 to fix various problems on Fedora 42 and enhance overall performance.
Rebase to Incus 6.12 to fix a variety of issues

Summary

Container hypervisor based on LXC

Incus offers a REST API to remotely manage containers over the network,

using an image based work-flow and with support for live migration.

This package contains the Incus daemon.

Update Information:

Rebase to Incus 6.12 to fix a variety of issues

Topics%20covered

Topics Covered

security advisory Fedora update information Denial of Service container management incus

Change Log

* Mon May 5 2025 Reto Gantenbein - 6.12-1 - Update to incus-6.12 * Fri Jan 17 2025 Fedora Release Engineering - 6.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

References


[ 1 ] Bug #2292123 - incus changes the mode of /run/incus back to 0700 https://bugzilla.redhat.com/show_bug.cgi?id=2292123 [ 2 ] Bug #2340645 - incus: FTBFS in Fedora rawhide/f42 https://bugzilla.redhat.com/show_bug.cgi?id=2340645 [ 3 ] Bug #2341879 - incus-6.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2341879 [ 4 ] Bug #2347480 - CVE-2025-27144 incus: Go JOSE's Parsing Vulnerable to Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2347480 [ 5 ] Bug #2350832 - CVE-2025-22869 incus: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2350832 [ 6 ] Bug #2352303 - CVE-2025-22870 incus: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2352303 [ 7 ] Bug #2354445 - CVE-2025-30204 incus: jwt-go allows excessive memory allocation during header ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e4d441a4dd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: incus
Product: Fedora 42
Version: 6.12
Release: 1.fc42
URL: https://linuxcontainers.org/incus
Summary: Powerful system container and virtual machine manager

Topics%20covered

Topics Covered

security advisory Fedora update information Denial of Service container management incus

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here