Atop 2.11 Heap Overflow Vulnerability: CVE-2025-31160
2025-03-29
A heap overflow vulnerability (CVE-2025-31160) has been discovered in Atop 2.11. The root cause is that Atop, during initialization, attempts to connect to the TCP port of the atopgpud daemon. If another program is listening on that port, Atop connects to it anyway and receives whatever strings that program sends; malicious input leads to parsing failures, heap overflows, and segmentation faults. The flaw has existed since atopgpud was introduced in Atop 2.4.0. The fix has three parts: Atop no longer connects to the TCP port by default and only attempts the connection when the '-k' flag is given; string parsing has been tightened to avoid heap overflows; and Atop no longer searches for netatop or netatop-bpf by default, only when the '-K' flag is given.
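As an added illustration, not code from atop or atopgpud: the line format ("count, then that many values"), the capacity MAX_GPUS and the non-negative range are constructed assumptions. It shows the unchecked parse pattern the advisory describes, where a count taken from the peer indexes a fixed-size array, beside a bounded version that rejects oversized counts, missing fields, non-numeric fields and trailing bytes.

```c
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

#define MAX_GPUS 4  /* constructed capacity; atop's real limits differ */

/* Parse one non-negative decimal field; 0 on success, -1 if malformed. */
int parse_field(const char **p, long *val)
{
    char *end;
    errno = 0;
    *val = strtol(*p, &end, 10);
    if (end == *p || errno == ERANGE || *val < 0 || *val > INT_MAX) return -1;
    if (*end != ' ' && *end != '\n' && *end != '\0') return -1; /* "12abc" */
    *p = end;
    return 0;
}

/* Vulnerable pattern: the count comes from the peer and is never compared
 * with the array size, so a hostile listener on the port drives i past
 * the end of the heap buffer. Shown for contrast only. */
int parse_unchecked(const char *line, int *vals)
{
    long n, v;
    if (parse_field(&line, &n) != 0) return -1;
    for (long i = 0; i < n; i++) {
        if (parse_field(&line, &v) != 0) return -1;
        vals[i] = (int)v;   /* no bound on i */
    }
    return (int)n;
}

/* Hardened form: count bounded by capacity, every field required to be
 * present and numeric, and trailing bytes rejected. */
int parse_checked(const char *line, int *vals, size_t cap)
{
    long n, v;
    if (parse_field(&line, &n) != 0 || (size_t)n > cap) return -1;
    for (long i = 0; i < n; i++) {
        if (*line != ' ' || parse_field(&line, &v) != 0) return -1;
        vals[i] = (int)v;
    }
    return (*line == '\0' || *line == '\n') ? (int)n : -1;
}

/* Convenience wrapper: number of values accepted from one line, or -1. */
int check_line(const char *line)
{
    int vals[MAX_GPUS];
    return parse_checked(line, vals, MAX_GPUS);
}
```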