CVE-2025-22242
Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-13

Last updated on: 2025-06-17

Assigner: VMware

Description
Worker process denial of service through file read operation. A vulnerability exists in the Master's “pub_ret” method which is exposed to all minions. The unsanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by attempting to read from a filename that will not return any data, e.g. by targeting a pipe node on the proc file system.
Meta Information

Published: 2025-06-13

Last Modified: 2025-06-17

Generated: 2026-05-07

AI Q&A: 2025-06-13

EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Currently, no data is known.
CWE
CWE-400: The product does not properly control the allocation and maintenance of a limited resource.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a denial of service issue in the worker process caused by the Master component's "pub_ret" method. The method uses an unsanitized input called "jid" to construct a file path that it then attempts to read. An attacker can exploit this by providing a filename that does not return data, such as a pipe node on the proc file system, which results in a denial of service for the worker process.


How can this vulnerability impact me?

The vulnerability can cause a denial of service in the worker process, potentially disrupting normal operations by making the worker process unavailable or unresponsive due to attempts to read from specially crafted file paths.

