CVE-2025-65947
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-21

Last updated on: 2025-11-21

Assigner: GitHub, Inc.

Description
thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the thread_amount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count of the process to grow indefinitely, eventually leading to system instability or process termination when the handle limit is reached. In Apple platforms, the thread_amount function calls task_threads (via Mach kernel APIs) which allocates memory for the thread list. The function fails to deallocate this memory using vm_deallocate. Repeated calls will result in a steady memory leak, eventually causing the process to be killed by the OOM (Out of Memory) killer. This issue has been patched in version 0.2.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-21
Last Modified
2025-11-21
Generated
2026-06-16
AI Q&A
2025-11-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65947
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
thread_amount thread_amount 0.2.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
CWE-772 The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the thread-amount tool prior to version 0.2.2, where it improperly manages system resources when querying thread counts. On Windows, it calls CreateToolhelp32Snapshot but does not close the handle with CloseHandle, causing handle leaks. On Apple platforms, it calls task_threads which allocates memory but fails to deallocate it with vm_deallocate, causing memory leaks. Repeated calls lead to resource exhaustion, causing system instability or process termination.

Impact Analysis

The vulnerability can cause resource leaks that accumulate over time. On Windows, the handle count grows indefinitely, potentially leading to system instability or process termination when handle limits are reached. On Apple platforms, memory leaks can cause the process to be killed by the Out of Memory (OOM) killer. This can disrupt normal operation and cause crashes or instability in affected applications.

Detection Guidance

This vulnerability can be detected by monitoring the handle count of the process using the thread_amount function on Windows or by observing memory usage growth on Apple platforms. On Windows, you can use commands like 'handle.exe -p <process_id>' from Sysinternals to check for increasing handle counts. On Apple platforms, monitoring the process memory usage over time with commands like 'top -pid <process_id>' or 'vmmap <process_id>' may help detect memory leaks caused by this vulnerability.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade the thread-amount tool to version 0.2.2 or later, where the resource leaks have been patched. Until the upgrade, limit the frequency of calls to the thread_amount function to reduce resource exhaustion and monitor system stability closely.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65947. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart