oss-sec mailing list archives
Re: atop: Heap corruption
From: Thomas Ward <teward () thomas-ward net>
Date: Wed, 26 Mar 2025 20:12:32 -0400
Not sure if MITRE is on this list, but... On 2025-03-26 19:56, Alan Coopersmith wrote:
... this should include a link to https://github.com/Atoptool/atop/issues/330 which is a tracker for the issue in this CVE. It looks like a munmap patch has been provided but it looks also that this may be one of multiple 'suspicious' commits on the radar (if you read the issue thread).On 3/26/25 16:07, Solar Designer wrote:Hi, This (or rather an earlier vague warning) made it to various tech news sites today: https://rachelbythebay.com/w/2025/03/26/atop/CVE-2025-31160 appears to have been issued by Mitre to track this: https://www.cve.org/CVERecord?id=CVE-2025-31160 but only listing the above blog and the ycombinator threads for details.
Thomas Ward, CISSP
Current thread:
- atop: Heap corruption Solar Designer (Mar 26)
- Re: atop: Heap corruption Alan Coopersmith (Mar 26)
- Re: atop: Heap corruption Thomas Ward (Mar 26)
- Re: atop: Heap corruption Mark Steward (Mar 26)
- Re: atop: Heap corruption Solar Designer (Mar 26)
- Re: atop: Heap corruption Alan Coopersmith (Mar 28)
- CVE-2025-31160 Atop 2.11 heap problems Gerlof Langeveld (Mar 29)
- Re: atop: Heap corruption Thomas Ward (Mar 26)
- Re: atop: Heap corruption Alan Coopersmith (Mar 26)