Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 43: libcoap Major Security Flaw Identified 2025-b412c87h5z

fedora
Calendar Grey December 5, 2025
Dist Fedora Esm H88
Libcoap has released a critical security update in Fedora 43 addressing multiple denial of service issues and use-after-free.
Update to security release 4.3.5a

Summary

The Constrained Application Protocol (CoAP) is a specialized web transfer

protocol for use with constrained nodes and constrained networks in the Internet

of Things. The protocol is designed for machine-to-machine (M2M) applications

such as smart energy and building automation.

libcoap implements a lightweight application-protocol for devices with

constrained resources such as computing power, RF range, memory, bandwidth,

or network packet sizes. This protocol, CoAP, was standardized in the IETF

working group "CoRE" as RFC 7252.

Update Information:

Update to security release 4.3.5a

Topics%20covered

Topics Covered

security advisory denial of service fedora critical use-after-free libcoap

Change Log

* Sat Nov 29 2025 Peter Robinson - 4.3.5a-1 - Update to 4.3.5a

References


[ 1 ] Bug #2388738 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2388738 [ 2 ] Bug #2388740 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2388740 [ 3 ] Bug #2416889 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416889 [ 4 ] Bug #2416890 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416890 [ 5 ] Bug #2416891 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416891 [ 6 ] Bug #2416892 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416892 [ 7 ] Bug #2416893 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-43] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d408d76c4a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libcoap
Product: Fedora 43
Version: 4.3.5a
Release: 1.fc43
URL: https://libcoap.net/
Summary: C library implementation of CoAP

Topics%20covered

Topics Covered

security advisory denial of service fedora critical use-after-free libcoap

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here