Fedora 42: FEDORA-2025-f4cee58e97 critical: nodejs22 DoS risks
fedora
May 28, 2025
Update to version 22.15.1
Summary
Node.js is a platform built on Chrome's JavaScript runtime \
for easily building fast, scalable network applications. \
Node.js uses an event-driven, non-blocking I/O model that \
makes it lightweight and efficient, perfect for data-intensive \
real-time applications that run across distributed devices.}
Update Information:
Update to version 22.15.1
Topics Covered
Change Log
* Thu May 15 2025 tjuhasz
References
[ 1 ] Bug #2367230 - CVE-2025-23165 nodejs22: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2367230
[ 2 ] Bug #2367232 - CVE-2025-23165 nodejs22: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2367232
[ 3 ] Bug #2367237 - CVE-2025-23166 nodejs22: Remote Crash via SignTraits::DeriveBits() in Node.js [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2367237
[ 4 ] Bug #2367241 - CVE-2025-23166 nodejs22: Remote Crash via SignTraits::DeriveBits() in Node.js [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2367241
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f4cee58e97' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: nodejs22
Product: Fedora 42
Version: 22.15.1
Release: 1.fc42
Summary: JavaScript runtime
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!