Fedora 42: Fluidsynth Important Race Condition CVE-2025-68617

fedora

December 29, 2025

Update to 2.5.2 Fix for CVE-2025-68617

Summary

FluidSynth is a real-time software synthesizer based on the SoundFont 2

specifications. It is a "software synthesizer". FluidSynth can read MIDI events

from the MIDI input device and render them to the audio device. It features

real-time effect modulation using SoundFont 2.01 modulators, and a built-in

command line shell. It can also play MIDI files (note: FluidSynth was previously

called IIWU Synth).

Update Information:

Update to 2.5.2 Fix for CVE-2025-68617

Topics Covered

security advisory fedora code execution privilege escalation important fluidsynth

Change Log

* Wed Dec 24 2025 Christoph Karl - 2.5.2-1 - Update to 2.5.2 - Fix for CVE-2025-68617

References

[ 1 ] Bug #2424828 - CVE-2025-68617 fluidsynth: FluidSynth: Race Condition in DLS Unloading Allows Code Execution and Privilege Escalation [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2424828 [ 2 ] Bug #2424831 - CVE-2025-68617 fluidsynth: FluidSynth: Race Condition in DLS Unloading Allows Code Execution and Privilege Escalation [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2424831 [ 3 ] Bug #2424833 - CVE-2025-68617 fluidsynth: FluidSynth: Race Condition in DLS Unloading Allows Code Execution and Privilege Escalation [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2424833 [ 4 ] Bug #2424835 - CVE-2025-68617 fluidsynth: FluidSynth: Race Condition in DLS Unloading Allows Code Execution and Privilege Escalation [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2424835

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-202d079b40' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

important

Lowest

Low

Medium

High

Critical

Name: fluidsynth

Product: Fedora 42

Version: 2.5.2

Release: 1.fc42

URL: http://www.fluidsynth.org/

Summary: Real-time software synthesizer

Topics Covered

security advisory fedora code execution privilege escalation important fluidsynth

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42: Fluidsynth Important Race Condition CVE-2025-68617

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 42: Fluidsynth Important Race Condition CVE-2025-68617

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!