Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 952921 (CVE-2025-31160) - <sys-process/atop-2.11.1: heap corruption
Summary: <sys-process/atop-2.11.1: heap corruption
Status: IN_PROGRESS
Alias: CVE-2025-31160
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://github.com/Atoptool/atop/issu...
Whiteboard: B1 [glsa? cleanup]
Keywords:
Depends on: 953087
Blocks:
  Show dependency tree
 
Reported: 2025-03-30 00:25 UTC by Sebastian Pipping
Modified: 2025-04-04 04:41 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Pipping gentoo-dev 2025-03-30 00:25:18 UTC 
Without a closer look I'm not super sure about the concrete impact
so I will let the links do the talking…

Please note that 2.11.1 does not yet have an ebuild in Gentoo.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2025-03-30 08:29:47 UTC 
Dropping the version from the summary as we add that once we have a fixed version.
Comment 3 Larry the Git Cow gentoo-dev 2025-03-31 20:55:46 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4be6476af1b8b89ded2e852e03f00b7414955d6

commit f4be6476af1b8b89ded2e852e03f00b7414955d6
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2025-03-31 20:54:25 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2025-03-31 20:54:30 +0000

    sys-process/atop: add 2.11.1
    
    Bug: https://bugs.gentoo.org/952921
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-process/atop/Manifest           |   1 +
 sys-process/atop/atop-2.11.1.ebuild | 119 ++++++++++++++++++++++++++++++++++++
 2 files changed, 120 insertions(+)