Acknowledged
Created: Jun 17, 2025
Updated: Jun 26, 2025
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace
Any project that uses Protobuf Pure-Python backend\xa0to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP\xa0tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit\xa017838beda2943d08b8a9d4df5b68f5f04f26d901
CREATE(Triage):(User=lchen-cn) CVE-2025-4565 (https://nvd.nist.gov/vuln/detail/CVE-2025-4565)
