CVE-2025-24294

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Ruby (affected versions not specified)

Description: The issue is related to a possible Denial of Service in the resolv gem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-1284

Related Identifiers

ALSA-2025:23062

ALSA-2025:23063

ALSA-2025:23141

AZL-65202

AZL-65241

BDU:2025-15238

CVE-2025-24294

ECHO-1466-059C-A8C5

GHSA-XH69-987W-HRP8

RHSA-2025:23062

RHSA-2025:23063

RHSA-2025:23141

RHSA-2025:23648

RHSA-2025:23927

SUSE-SU-2025:3776-1

SUSE-SU-2025:4264-1

SUSE-SU-2025_3776-1

USN-7734-1

USN-7735-1

Affected Products

Almalinux

Centos

Debian

Linuxmint

Red Hat

Red Os

Rocky Linux

Ruby

Suse

Ubuntu

Resolve

CVE-2025-24294

Weakness Enumeration

Related Identifiers

Affected Products

References · 85