Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora 42 node-exporter 1.10.2 Critical Update Fix DoS Issues

fedora
Calendar Grey February 9, 2026
Dist Fedora Esm H88
Update details for Fedora's node-exporter 1.10.2, including bug fixes and workaround for ppc64 issue.
Update to 1.10.2 Update was blocked by a ppc64 issue, but a workaround has been found.

Summary

Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written

in Go with pluggable metric collectors.

Update Information:

Update to 1.10.2 Update was blocked by a ppc64 issue, but a workaround has been found.

Topics%20covered

Topics Covered

security advisory fedora DoS improvement node exporter crossoriginprotection

Change Log

* Fri Jan 30 2026 Alejandro Sez - 1.10.2-3 - Fix race condition * Fri Jan 16 2026 Fedora Release Engineering - 1.10.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Dec 4 2025 Mikel Olasagasti Uranga - 1.10.2-1 - Update to 1.10.2 - Closes rhbz#2406209 rhbz#2408331 rhbz#2409804 rhbz#2410754 rhbz#2411650 * Fri Oct 10 2025 Alejandro Sez - 1.9.1-4 - rebuild * Fri Aug 15 2025 Maxwell G - 1.9.1-3 - Rebuild for golang-1.25.0 * Thu Jul 24 2025 Fedora Release Engineering - 1.9.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

References


[ 1 ] Bug #2398866 - CVE-2025-47910 node-exporter: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398866 [ 2 ] Bug #2399538 - CVE-2025-47906 node-exporter: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399538 [ 3 ] Bug #2408076 - CVE-2025-58189 node-exporter: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408076 [ 4 ] Bug #2409546 - CVE-2025-61723 node-exporter: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409546 [ 5 ] Bug #2410497 - CVE-2025-58185 node-exporter: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2410497 [ 6 ] Bug #2411395 - CVE-2025-58188 node-exporter: Panic when val...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-126cd91d11' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: node-exporter
Product: Fedora 42
Version: 1.10.2
Release: 3.fc42
URL: https://github.com/prometheus/node_exporter
Summary: Exporter for machine metrics

Topics%20covered

Topics Covered

security advisory fedora DoS improvement node exporter crossoriginprotection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here