CVE-2025-62875

Exploit

EPSS 0.04%
Veröffentlicht 20.11.2025 16:16:00
Zuletzt bearbeitet 15.01.2026 19:03:30
Quelle meissner@suse.de
CVE-Watchlists
Login
Unerledigt
Login

Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD.




This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Opensmtpd ≫ Opensmtpd Version7.7.0 Updatep0

Opensuse ≫ Tumbleweed Version < 7.8.0p0-1.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.105

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
meissner@suse.de	6.9	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62875

Patch

Issue Tracking

https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html

Third Party Advisory

Exploit

http://www.openwall.com/lists/oss-security/2025/10/31/3

Third Party Advisory

Exploit

Mailing List

https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html#reproducer

Third Party Advisory