CVE-2025-6297 found in deb/debian/dpkg@1.21.22
Important
Risk: 4.45 (Medium)
CVSS: 8.2
Description
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.
Affected component
The vulnerability is in pkg:deb/debian/dpkg@1.21.22, found in artifacts pkg:oci/python3?repository_url=registry.opencode.de/open-code/oci/python3&tag=3.11-amd64&arch=amd64, pkg:oci/python3?repository_url=registry.opencode.de/open-code/oci/python3&tag=latest-amd64&arch=amd64, pkg:oci/python3?repository_url=registry.opencode.de/open-code/oci/python3&tag=latest-arm64&arch=arm64, pkg:oci/python3?repository_url=registry.opencode.de/open-code/oci/python3&tag=3.11-arm64&arch=arm64.
Recommended fix
No fix is available.
Additional guidance for mitigating vulnerabilities
Visit our guides on devguard.org
Path to component
%%{init: { 'theme':'base', 'themeVariables': {
'primaryColor': '#F3F3F3',
'primaryTextColor': '#0D1117',
'primaryBorderColor': '#999999',
'lineColor': '#999999',
'secondaryColor': '#ffffff',
'tertiaryColor': '#ffffff'
} }}%%
flowchart TD
root(["root"]) --- sbom_DEFAULT(["sbom:DEFAULT"])
sbom_DEFAULT(["sbom:DEFAULT"]) --- debian_python3(["debian/python3"])
debian_python3(["debian/python3"]) --- debian_libpython3_stdlib(["debian/libpython3-stdlib"])
debian_libpython3_stdlib(["debian/libpython3-stdlib"]) --- debian_libpython3_11_stdlib(["debian/libpython3.11-stdlib"])
debian_libpython3_11_stdlib(["debian/libpython3.11-stdlib"]) --- debian_libreadline8(["debian/libreadline8"])
debian_libreadline8(["debian/libreadline8"]) --- debian_readline_common(["debian/readline-common"])
debian_readline_common(["debian/readline-common"]) --- debian_dpkg(["debian/dpkg"])
debian_python3(["debian/python3"]) --- debian_python3_11(["debian/python3.11"])
debian_python3_11(["debian/python3.11"]) --- debian_libpython3_11_stdlib(["debian/libpython3.11-stdlib"])
root(["root"]) --- sbom_SBOM_UPLOAD_3_11_AMD64(["sbom:SBOM_UPLOAD_3.11_AMD64"])
sbom_SBOM_UPLOAD_3_11_AMD64(["sbom:SBOM_UPLOAD_3.11_AMD64"]) --- debian_python3(["debian/python3"])
classDef default stroke-width:2px
| Risk Factor | Value | Description |
|---|---|---|
| Vulnerability Depth | 0 | The vulnerability is in a direct dependency of your project. |
| EPSS | 0.10 % | The exploit probability is very low. The vulnerability is unlikely to be exploited in the next 30 days. |
| EXPLOIT | Not available | We did not find any exploit available, neither in GitHub repositories nor in the Exploit-Database. There are no script kiddies exploiting this vulnerability. |
| CVSS-BE | 9.7 | Exploiting this vulnerability significantly impacts confidentiality. |
| CVSS-B | 8.2 | The vulnerability can be exploited over the network without needing physical access. It is easy for an attacker to exploit this vulnerability. An attacker does not need any special privileges or access rights. No user interaction is needed for the attacker to exploit this vulnerability. The impact is confined to the system where the vulnerability exists. There is a high impact on the confidentiality of the information. There is a low impact on the integrity of the data. |
More details can be found in DevGuard
Interact with this vulnerability
You can use the following slash commands to interact with this vulnerability:
👍 Reply with this to acknowledge and accept the identified risk.
/accept I accept the risk of this vulnerability, because ...
⚠️ Mark the risk as false positive: Use one of these commands if you believe the reported vulnerability is not actually a valid issue.
/component-not-present The vulnerable component is not included in the artifact.
/vulnerable-code-not-present The component is present, but the vulnerable code is not included or compiled.
/vulnerable-code-not-in-execute-path The vulnerable code exists, but is never executed at runtime.
/vulnerable-code-cannot-be-controlled-by-adversary The vulnerable code cannot be controlled or influenced by an attacker.
/inline-mitigations-already-exist Built-in protections prevent exploitation of this vulnerability.
🔁 Reopen the risk: Use this command to reopen a previously closed or accepted vulnerability.
/reopen ...