CVE-2025-6297

Name
CVE-2025-6297
Description
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.
NVD Severity
unknown

References

Type URI
security@debian.org https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ed6bbd445dd8800308c67236ba35d08004c98e82

Match rules

CPE URI                                  Source package  Min version  Max version
                                         dpkg            >= 0         < ed6bbd445dd8800308c67236ba35d08004c98e82
cpe:2.3:a:debian:dpkg:*:*:*:*:*:*:*:*    dpkg            >= None      < 2025-06-30
cpe:2.3:a:debian:dpkg:*:*:*:*:*:*:*:*    dpkg            >= None      < 1.22.21

Vulnerable and fixed packages

Source package  Branch     Version     Maintainer                                 Status
dpkg            edge-main  1.22.11-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.12-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.13-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.14-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.15-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.19-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.20-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            edge-main  1.22.21-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            3.22-main  1.22.15-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            3.21-main  1.22.11-r0  Celeste <cielesti@protonmail.com>          possibly vulnerable
dpkg            3.20-main  1.22.6-r1   Natanael Copa <ncopa@alpinelinux.org>      possibly vulnerable
dpkg            3.19-main  1.22.1-r0   Natanael Copa <ncopa@alpinelinux.org>      possibly vulnerable