Upstream information
CVE-2025-65637 at MITRE
Description
A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.
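The failure mode and the chunking approach described above, as an added Go example (not code from logrus or from this advisory). The function names and the sample payload are assumptions made for illustration; only the `bufio` calls are real standard-library APIs.

```go
package main

import (
	"bufio"
	"bytes"
	"fmt"
	"io"
)

// Added illustration: function names are hypothetical, not logrus APIs.

// scanDefault reads r line by line with an unmodified bufio.Scanner.
func scanDefault(r io.Reader) (tokens int, err error) {
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		tokens++
	}
	return tokens, sc.Err() // ErrTooLong once a line exceeds 64 KiB
}

// scanChunked caps every token at bufio.MaxScanTokenSize (64 KiB) so an
// oversized line is delivered in pieces instead of aborting the scan.
func scanChunked(r io.Reader) (tokens int, err error) {
	const chunk = bufio.MaxScanTokenSize
	sc := bufio.NewScanner(r)
	sc.Buffer(make([]byte, chunk), chunk)
	sc.Split(func(data []byte, atEOF bool) (int, []byte, error) {
		if len(data) >= chunk {
			return chunk, data[:chunk], nil
		}
		return bufio.ScanLines(data, atEOF)
	})
	for sc.Scan() {
		tokens++
	}
	return tokens, sc.Err()
}

// constructedPayload is sample input: n bytes with no newline, then "ok".
func constructedPayload(n int) []byte {
	return append(bytes.Repeat([]byte("A"), n), []byte("\nok\n")...)
}

func main() {
	p := constructedPayload(100 * 1024)
	n, err := scanDefault(bytes.NewReader(p))
	fmt.Println("default:", n, err) // scan aborts before any token is returned
	n, err = scanChunked(bytes.NewReader(p))
	fmt.Println("chunked:", n, err) // long line split, later line still read
}
```

With the default scanner, the short line that follows the oversized one is never read, which is why a reader goroutine built this way stops serving the pipe.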
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
CVSS v3 Scores
| CVSS detail | CNA (CISA-ADP) |
| Base Score | 7.5 |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | High |
| CVSSv3 Version | 3.1 |
No SUSE Bugzilla entries cross referenced.
No SUSE Security Announcements cross referenced.
List of released packages
| Product(s) | Fixed package version(s) | References |
| SUSE Liberty Linux 8 | aardvark-dns >= 1.10.1-2.module+el8.10.0+23963+b64d8032
buildah >= 1.33.14-2.module+el8.10.0+23963+b64d8032
buildah-tests >= 1.33.14-2.module+el8.10.0+23963+b64d8032
cockpit-podman >= 84.1-1.module+el8.10.0+23963+b64d8032
conmon >= 2.1.10-1.module+el8.10.0+23963+b64d8032
container-selinux >= 2.229.0-2.module+el8.10.0+23963+b64d8032
containernetworking-plugins >= 1.4.0-7.module+el8.10.0+23963+b64d8032
containers-common >= 1-82.module+el8.10.0+23963+b64d8032
crit >= 3.18-5.module+el8.10.0+23963+b64d8032
criu >= 3.18-5.module+el8.10.0+23963+b64d8032
criu-devel >= 3.18-5.module+el8.10.0+23963+b64d8032
criu-libs >= 3.18-5.module+el8.10.0+23963+b64d8032
crun >= 1.14.3-2.module+el8.10.0+23963+b64d8032
fuse-overlayfs >= 1.13-1.module+el8.10.0+23963+b64d8032
libslirp >= 4.4.0-2.module+el8.10.0+23963+b64d8032
libslirp-devel >= 4.4.0-2.module+el8.10.0+23963+b64d8032
netavark >= 1.10.3-1.module+el8.10.0+23963+b64d8032
oci-seccomp-bpf-hook >= 1.2.10-1.module+el8.10.0+23963+b64d8032
podman >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-catatonit >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-docker >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-gvproxy >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-plugins >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-remote >= 4.9.4-28.module+el8.10.0+23963+b64d8032
podman-tests >= 4.9.4-28.module+el8.10.0+23963+b64d8032
python3-criu >= 3.18-5.module+el8.10.0+23963+b64d8032
python3-podman >= 4.9.0-3.module+el8.10.0+23963+b64d8032
runc >= 1.2.9-3.module+el8.10.0+23963+b64d8032
skopeo >= 1.14.5-6.module+el8.10.0+23963+b64d8032
skopeo-tests >= 1.14.5-6.module+el8.10.0+23963+b64d8032
slirp4netns >= 1.2.3-1.module+el8.10.0+23963+b64d8032
toolbox >= 0.0.99.5.1-1.module+el8.10.0+23963+b64d8032
toolbox-tests >= 0.0.99.5.1-1.module+el8.10.0+23963+b64d8032
udica >= 0.2.6-21.module+el8.10.0+23963+b64d8032
| Patchnames: RHSA-2026:3428 |
SUSE Timeline for this CVE
CVE page created: Thu Dec 4 22:04:31 2025
CVE page last modified: Fri Feb 27 01:54:42 2026