RHSA-2025:19429
Vulnerability from csaf_redhat - Published: 2025-11-03 07:34 - Updated: 2025-12-19 16:36
Summary
Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)
Notes
Topic
Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.
Details
Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test,
and run Granite family large language models (LLMs) for enterprise applications.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae Enterprise Linux\u00ae AI is a foundation model platform to seamlessly develop, test, \nand run Granite family large language models (LLMs) for enterprise applications.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19429",
"url": "https://access.redhat.com/errata/RHSA-2025:19429"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47273",
"url": "https://access.redhat.com/security/cve/CVE-2025-47273"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-48956",
"url": "https://access.redhat.com/security/cve/CVE-2025-48956"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-57809",
"url": "https://access.redhat.com/security/cve/CVE-2025-57809"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8194",
"url": "https://access.redhat.com/security/cve/CVE-2025-8194"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai",
"url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/ai"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19429.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)",
"tracking": {
"current_release_date": "2025-12-19T16:36:58+00:00",
"generator": {
"date": "2025-12-19T16:36:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2025:19429",
"initial_release_date": "2025-11-03T07:34:38+00:00",
"revision_history": [
{
"date": "2025-11-03T07:34:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-03T07:34:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-19T16:36:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AI 1.5",
"product": {
"name": "Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_ai:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64",
"product": {
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64",
"product_id": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bootc-aws-nvidia-rhel9@sha256%3A385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8?arch=amd64\u0026repository_url=registry.redhat.io/rhelai1\u0026tag=1.5.4-1761236150"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64 as a component of Red Hat Enterprise Linux AI 1.5",
"product_id": "Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
},
"product_reference": "registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64",
"relates_to_product_reference": "Red Hat Enterprise Linux AI 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-8194",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2025-07-28T19:00:50.076451+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2384043"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Cpython infinite loop when parsing a tarfile",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to get a specially crafted tar archive processed by a Python application using the tarfile module. Furthermore, this vulnerability will cause a denial of service with no other security impact.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to ensure the most restrictive setting needed for operational requirements. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, enabling detection of indicators such as excessive CPU usage, long execution times, or processes consuming abnormal amounts of memory. Static code analysis and peer code review techniques are used to implement robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing infinite loops caused by malformed or unexpected input, such as unbounded user input or unexpected null values that cause loops to never terminate. In the event of successful exploitation, process isolation limits the effect of an infinite loop to a single process rather than allowing it to consume all system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8194"
},
{
"category": "external",
"summary": "RHBZ#2384043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384043"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8194"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/130577",
"url": "https://github.com/python/cpython/issues/130577"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/137027",
"url": "https://github.com/python/cpython/pull/137027"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/"
}
],
"release_date": "2025-07-28T18:42:44.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-03T07:34:38+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:19429",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19429"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by adding the following code after importing the tarfile module (\"import tarfile\"):\n\n~~~\nimport tarfile\n\ndef _block_patched(self, count):\n    if count \u003c 0:  # pragma: no cover\n        raise tarfile.InvalidHeaderError(\"invalid offset\")\n    return _block_patched._orig_block(self, count)\n\n_block_patched._orig_block = tarfile.TarInfo._block\ntarfile.TarInfo._block = _block_patched\n~~~\n\nNote that this workaround patches a private CPython API (TarInfo._block): it must be applied in every interpreter process before any archive is parsed, and the vendor fix should be preferred where available.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Cpython infinite loop when parsing a tarfile"
},
{
"cve": "CVE-2025-47273",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-05-17T16:00:41.145177+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366982"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn\u0027t expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "setuptools: Path Traversal Vulnerability in setuptools PackageIndex",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this vulnerability \"Moderate\" based on the impact of the damage caused by a successful exploitation and the pre-requisites.\n\n* Exploitation requires that the attacker have limited code execution access to a Python environment where they can trigger the vulnerable PackageIndex.download() function\u2014this might be via a script, plugin, or automated job. Full admin rights aren\u0027t needed but a user with no access at all will be unable to exploit this vulnerability.\n* The vulnerability impacts the integrity of the system within the same security boundary\u2014it does not enable access or compromise across trust boundaries (e.g., from one container to another or from user space to kernel).\n* Successful exploitation only allows the attacker to create or overwrite files. The vulnerability does not provide read access to existing files and, by extension, to any confidential information. \n* Arbitrary file writes can overwrite critical config files, executables, or scripts. This can lead to persistent code execution, system misconfiguration, or unauthorized behavior, especially in automated environments. While overwriting critical files could theoretically lead to service disruption, the vulnerability in isolation does not inherently cause denial of service. The exploit doesn\u0027t target availability directly, and in many cases, systems may continue running.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. \nConfiguration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47273"
},
{
"category": "external",
"summary": "RHBZ#2366982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88",
"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b",
"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/issues/4946",
"url": "https://github.com/pypa/setuptools/issues/4946"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf",
"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf"
}
],
"release_date": "2025-05-17T15:46:11.399000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-03T07:34:38+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:19429",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19429"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "setuptools: Path Traversal Vulnerability in setuptools PackageIndex"
},
{
"cve": "CVE-2025-48956",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-06-12T17:02:11.238000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372522"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM. A denial of service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large X-Forwarded-For header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making it exploitable by any remote user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: HTTP header size limit not enforced allows Denial of Service from Unauthenticated requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important rather than just Moderate because it enables a complete denial of service with minimal effort from a remote, unauthenticated attacker. Unlike moderate flaws that might require specific conditions, partial access, or complex exploitation chains, here a single oversized HTTP request is sufficient to exhaust server memory and crash the vLLM service. Since vLLM is often deployed as a backend for high-availability inference workloads, this creates a high-impact risk: availability is entirely compromised, all running workloads are disrupted, and recovery may require manual intervention. The lack of authentication barriers makes the attack surface fully exposed over the network, which elevates the severity beyond Moderate to Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-48956"
},
{
"category": "external",
"summary": "RHBZ#2372522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372522"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48956",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48956"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/d8b736f913a59117803d6701521d2e4861701944",
"url": "https://github.com/vllm-project/vllm/commit/d8b736f913a59117803d6701521d2e4861701944"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-rxc4-3w6r-4v47",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-rxc4-3w6r-4v47"
}
],
"release_date": "2025-08-26T14:51:41.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-03T07:34:38+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:19429",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19429"
},
{
"category": "workaround",
"details": "Until the fixed release is deployed, the risk can be reduced by running vLLM behind a reverse proxy such as Nginx, Envoy, or HAProxy with strict header size limits, ensuring that oversized requests are dropped before reaching the service. Additional safeguards like container or VM resource limits and traffic monitoring can help contain the impact, but upgrading to the patched release remains the definitive solution.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: HTTP header size limit not enforced allows Denial of Service from Unauthenticated requests"
},
{
"cve": "CVE-2025-57809",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-08-25T22:01:14.907855+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2390943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xgrammar. Recursive grammar definitions could trigger infinite recursion during parsing in GrammarMatcherBase::ExpandEquivalentStackElements, leading to unbounded stack growth and a segmentation fault. This vulnerability allows remote attackers to cause a denial of service (DoS) when untrusted grammar is processed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xgrammar: XGrammar affected by Denial of Service by infinite recursion grammars",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered Important because it can be exploited remotely, without authentication or user interaction, and directly impacts the availability of systems that rely on xgrammar for structured output parsing. Unlike a Moderate flaw that might require unusual conditions or only cause partial degradation, the infinite recursion issue reliably leads to process termination or complete resource exhaustion when malicious input is supplied. Since xgrammar is often integrated into long-running LLM inference services or API backends, a single crafted grammar can consistently force these services into a denial-of-service state, making it a practical, high-impact attack vector. While it does not compromise confidentiality or integrity, the ease of exploitation, network accessibility, and total loss of availability elevate it from a moderate to an important security issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-57809"
},
{
"category": "external",
"summary": "RHBZ#2390943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2390943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-57809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57809"
},
{
"category": "external",
"summary": "https://github.com/mlc-ai/xgrammar/commit/b943feacb5a1caf4d39de8ec3bf7c7ce066dcee5",
"url": "https://github.com/mlc-ai/xgrammar/commit/b943feacb5a1caf4d39de8ec3bf7c7ce066dcee5"
},
{
"category": "external",
"summary": "https://github.com/mlc-ai/xgrammar/issues/250",
"url": "https://github.com/mlc-ai/xgrammar/issues/250"
},
{
"category": "external",
"summary": "https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-5cmr-4px5-23pc",
"url": "https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-5cmr-4px5-23pc"
}
],
"release_date": "2025-08-25T21:22:00.226000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-03T07:34:38+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:19429",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19429"
},
{
"category": "workaround",
"details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Enterprise Linux AI 1.5:registry.redhat.io/rhelai1/bootc-aws-nvidia-rhel9@sha256:385028a96717418982de197f8f0a9052edf12f80a50bd8ab53ca72203a4ba5d8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xgrammar: XGrammar affected by Denial of Service by infinite recursion grammars"
}
]
}