Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42: openbao Critical CVE-2025-64761 Privileged Escalation Advisory

fedora
Calendar Grey December 3, 2025
Dist Fedora Esm H88
Update for Fedora 42 addresses a critical security issue in openbao related to unauthenticated access.
update to upstream 2.4.4, which fixed CVE-2025-64761 Adds hsm tag

Summary

Openbao secures, stores, and tightly controls access to tokens, passwords,

certificates, API keys, and other secrets in modern computing. Openbao handles

leasing, key revocation, key rolling, and auditing. Through a unified API, users

can access an encrypted Key/Value store and network encryption-as-a-service, or

generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH

credentials, and more.

Update Information:

update to upstream 2.4.4, which fixed CVE-2025-64761 Adds hsm tag. The fedora-42 build was done with golang-1.24.10 which fixed CVE-2025-58183.

Topics%20covered

Topics Covered

security advisory fedora critical privileged escalation openbao cve-2025-64761

Change Log

* Mon Nov 24 2025 Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> - 2.4.4-1 - update to 2.4.4 * Tue Nov 18 2025 Dave Dykstra <2129743+DrDaveD@users.noreply.github.com> - 2.4.3-2 - add hsm build tag

References


[ 1 ] Bug #2412809 - CVE-2025-58183 openbao: Unbounded allocation when parsing GNU sparse map [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2412809 [ 2 ] Bug #2417145 - CVE-2025-64761 openbao: OpenBao Privileged Operator Identity Group Root Escalation [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417145

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6b2336ec55' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: openbao
Product: Fedora 42
Version: 2.4.4
Release: 1.fc42
URL: https://openbao.org
Summary: A tool for securely accessing secrets

Topics%20covered

Topics Covered

security advisory fedora critical privileged escalation openbao cve-2025-64761

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here