Linuxsecurity
Fedora 43 Alertmanager Update Addresses Multiple CVEs
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On March 16, 2026, Fedora released an important update for Alertmanager version 0.31.1, addressing several critical vulnerabilities. The update resolves issues including CVE-2025-58189, which involves an attacker-controlled information exposure during ALPN negotiation, and CVE-2025-61725, which leads to excessive CPU consumption. Other vulnerabilities fixed include CVE-2025-61723, CVE-2025-58185, and CVE-2025-58188, all of which pose risks of memory exhaustion and panic conditions. Users of Fedora 43 are urged to upgrade to the latest version to mitigate these risks. The vulnerabilities affect systems utilizing the Prometheus server for alert management. The update can be installed using the 'dnf' update program. The previous version, Fedora 42, had already reported critical vulnerabilities, emphasizing the importance of timely updates.
Key Points: • Fedora 43 Alertmanager update addresses multiple critical CVEs. • CVE-2025-58189 exposes attacker-controlled information during TLS negotiation. • Users are urged to upgrade to mitigate risks from known vulnerabilities.