CVE-2025-46807

NameCVE-2025-46807
DescriptionA Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1107213

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
sslh (PTS)bookworm, bullseye1.20-1vulnerable
sid, trixie2.1.4-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sslhsource(unstable)(unfixed)1107213

Notes

https://bugzilla.suse.com/show_bug.cgi?id=1243122
Fixed by: https://github.com/yrutschle/sslh/commit/ff8206f7c8a47f901b78a1b78db5a4c788f6aa6f (v2.2.4)

Search for package or bug name: Reporting problems