Medium6.5Red Hat Linux Updated
Denial of Service via crafted SQL statements in sqlo_try_in_loop
CVE-2025-61024 Published Jun 23, 2026Updated by vendor Jun 23, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
Denial of Service via crafted SQL statements in sqlo_try_in_loop. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-606.
Mitigation checklist
Recommended fix / mitigation
- To reduce the attack surface, restrict network access to the virtuoso-opensource service to only trusted clients using firewall rules. If the virtuoso-opensource service is not actively used, consider disabling it. To disable the service: `sudo systemctl stop virtuoso-opensource` `sudo systemctl disable virtuoso-opensource` Applying firewall rules to limit access to the service's port (e.g., 1111/tcp) from specific trusted IP addresses can also reduce exposure. `sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="<TRUSTED_IP_ADDRESS>" port port="1111" protocol="tcp" accept'` `sudo firewall-cmd --reload` Disabling the service will prevent its functionality. A service restart or system reboot may be required for changes to take full effect.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.