Updated atop packages fix security vulnerability
Publication date: 10 Apr 2025Modification date: 09 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-31160
Description
atop through 2.11.0 allows local users to cause a denial of service
(e.g., assertion failure and application exit) or possibly have
unspecified other impact by running certain types of unprivileged
processes while a different user runs atop. (CVE-2025-31160)
References
- https://bugs.mageia.org/show_bug.cgi?id=34139
- https://www.openwall.com/lists/oss-security/2025/03/26/2
- https://www.openwall.com/lists/oss-security/2025/03/26/3
- https://rachelbythebay.com/w/2025/03/26/atop/
- https://news.ycombinator.com/item?id=43485980
- https://news.ycombinator.com/item?id=43477057
- https://www.openwall.com/lists/oss-security/2025/03/29/1
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3K7T3QBXEP6TWTVJEMB47AVS2B2R5O5V/
- https://lists.debian.org/debian-security-announce/2025/msg00054.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31160
SRPMS
9/core
- atop-2.8.1-1.1.mga9