Not sure if MITRE is on this list, but...
On 2025-03-26 19:56, Alan Coopersmith wrote:
On 3/26/25 16:07, Solar Designer wrote:
Hi,
This (or rather an earlier vague warning) made it to various tech news
sites today:
https://rachelbythebay.com/w/2025/03/26/atop/
CVE-2025-31160 appears to have been issued by Mitre to track this:
https://www.cve.org/CVERecord?id=CVE-2025-31160
but only listing the above blog and the ycombinator threads for details.
... this should include a link to
https://github.com/Atoptool/atop/issues/330 which is a tracker for the
issue in this CVE. It looks like a munmap patch has been provided but
it looks also that this may be one of multiple 'suspicious' commits on
the radar (if you read the issue thread).
Thomas Ward, CISSP
