Vulnerability Details : CVE-2025-0665
libcurl would wrongly close the same eventfd file descriptor twice when taking
down a connection channel after having completed a threaded name resolve.
Products affected by CVE-2025-0665
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2025-0665
0.96%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2025-0665
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-02-05 |
CWE ids for CVE-2025-0665
-
The product attempts to close or release a resource or handle more than once, without any successful open between the close operations.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2025-0665
-
http://www.openwall.com/lists/oss-security/2025/02/05/2
oss-security - [SECURITY ADVISORY] curl: CVE-2025-0665: eventfd double close
-
https://hackerone.com/reports/2954286
Just a moment...
-
http://www.openwall.com/lists/oss-security/2025/02/05/5
oss-security - Re: [SECURITY ADVISORY] curl: CVE-2025-0665: eventfd double close
-
https://curl.se/docs/CVE-2025-0665.html
curl - eventfd double close - CVE-2025-0665
-
https://curl.se/docs/CVE-2025-0665.json
-
https://security.netapp.com/advisory/ntap-20250306-0007/
CVE-2025-0665 Libcurl Vulnerability in NetApp Products | NetApp Product Security
Jump to