CVE-2025-0665

Summary

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.

Affected Software

VendorProductVersion RangeStatus
curlcurl8.11.1 <= 8.11.1affected

Weaknesses

  • CWE-1341 Multiple Releases of Same Resource or Handle

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References