VYPR
High severity · 7.5 · GHSA Advisory · Published Jul 12, 2025 · Updated Apr 15, 2026

CVE-2025-24294

Description

The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet.

An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name.

This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
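A minimal name decoder written for this page (not resolv's own code) showing the mitigation the advisory describes: it follows RFC 1035 compression pointers as usual but counts the octets of the expanded name and rejects it once it passes 255, so a small packet can no longer drive an unbounded expansion. The cap here is the RFC 1035 wire-format limit, counted slightly differently from the patch, and the packets at the bottom are constructed samples.

```ruby
# Added example, not resolv's own code: decode one DNS name while capping the
# length of its *decompressed* form, the check the fix for CVE-2025-24294 adds.
MAX_NAME_OCTETS  = 255   # RFC 1035: a whole name is at most 255 octets
MAX_LABEL_OCTETS = 63    # RFC 1035: a single label is at most 63 octets

class DecodeError < StandardError; end

# Returns [labels, index_after_name] for the name starting at +index+.
# Pointers must point strictly backwards (no loops), and +size+ counts the
# octets the expanded name would occupy, regardless of how small the packet is.
def decode_name(data, index)
  labels = []
  size = 0
  after = nil            # position after the first pointer or the terminator
  prev_index = index
  loop do
    raise DecodeError, "truncated name" if index >= data.bytesize
    len = data.getbyte(index)
    if len == 0                                   # root label ends the name
      size += 1
      raise DecodeError, "name exceeds #{MAX_NAME_OCTETS} octets" if size > MAX_NAME_OCTETS
      return [labels, after || index + 1]
    elsif len >= 0xC0                             # 11xxxxxx: compression pointer
      raise DecodeError, "truncated pointer" if index + 1 >= data.bytesize
      target = ((len & 0x3F) << 8) | data.getbyte(index + 1)
      raise DecodeError, "non-backward name pointer" if target >= prev_index
      after ||= index + 2
      prev_index = index = target
    elsif len > MAX_LABEL_OCTETS
      raise DecodeError, "label exceeds #{MAX_LABEL_OCTETS} octets"
    else                                          # literal label
      raise DecodeError, "truncated label" if index + 1 + len > data.bytesize
      size += 1 + len
      raise DecodeError, "name exceeds #{MAX_NAME_OCTETS} octets" if size > MAX_NAME_OCTETS
      labels << data.byteslice(index + 1, len)
      index += 1 + len
    end
  end
end

# Constructed samples. HEADER is a 12-octet DNS header of zeros; COMPRESSED
# holds "www.example" at offset 12 and, at offset 25, a pointer back to it.
HEADER     = [0, 0, 0, 0, 0, 0].pack("n*")
COMPRESSED = HEADER + "\x03www\x07example\x00".b + "\xC0\x0C".b
# 129 one-octet labels, the shape used by the fix's regression test: the
# expanded name would be 259 octets, so decoding stops at the 128th label.
TOO_LONG   = HEADER + ("\x01x" * 129).b + "\x00".b
```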

Affected packages

Versions sourced from the GitHub Security Advisory.

Package   Ecosystem   Affected versions    Patched versions
resolv    RubyGems    < 0.2.3              0.2.3
resolv    RubyGems    >= 0.4.0, < 0.6.2    0.6.2
resolv    RubyGems    >= 0.3.0, < 0.3.1    0.3.1

Affected products: 1

Patches (1)

Commit 4c2f71b5e808

Limit decompressed name length

https://github.com/ruby/resolv · Yusuke Endoh · Jul 8, 2025 · via ghsa
2 files changed · +12 −1
  • lib/resolv.rb · +5 −1 · modified
    @@ -1679,6 +1679,7 @@ def get_labels
               prev_index = @index
               save_index = nil
               d = []
    +          size = -1
               while true
                 raise DecodeError.new("limit exceeded") if @limit <= @index
                 case @data.getbyte(@index)
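    Review bot: `size = -1` needs a comment saying what it counts. Together with the `size += 1 + l.string.bytesize` accounting added later in this function, a start of -1 makes `size` equal to the dotted presentation length (label bytes plus the dots between them), which omits one length octet and the root label's terminating octet, so `size > 255` accepts names of up to 257 octets on the wire, slightly more than RFC 1035's 255-octet limit. Suggest `size = -1 # dotted-text length; bounds expansion, not wire validity` so a later reader does not change the bound without realising it.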
    @@ -1699,7 +1700,10 @@ def get_labels
                   end
                   @index = idx
                 else
    -              d << self.get_label
    +              l = self.get_label
    +              d << l
    +              size += 1 + l.string.bytesize
    +              raise DecodeError.new("name label data exceed 255 octets") if size > 255
                 end
               end
             end
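    Review bot: the new check runs after `d << l`, so the over-long label is appended before the `raise`; harmless because DecodeError abandons the whole message, but moving the `size` update and the `raise` above the append reads better. The message `"name label data exceed 255 octets"` should read `exceeds` (the regex in the new test in test_dns.rb matches the same text and would need the same change). Applying the bound only in the literal-label branch is correct, since the pointer branch above only moves `@index` and every octet of expanded data is still read through `get_label`, but that reasoning is worth one line in the commit message.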
    
  • test/resolv/test_dns.rb · +7 −0 · modified
    @@ -627,6 +627,13 @@ def test_too_big_label_address
         assert_operator(2**14, :<, m.to_s.length)
       end
     
    +  def test_too_long_address
    +    too_long_address_message = [0, 0, 1, 0, 0, 0].pack("n*") + "\x01x" * 129 + [0, 0, 0].pack("cnn")
    +    assert_raise_with_message(Resolv::DNS::DecodeError, /name label data exceed 255 octets/) do
    +      Resolv::DNS::Message.decode too_long_address_message
    +    end
    +  end
    +
       def assert_no_fd_leak
         socket = assert_throw(self) do |tag|
           Resolv::DNS.stub(:bind_random_port, ->(s, *) {throw(tag, s)}) do
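    Review bot: the test only exercises the failing side of the bound. With the -1 start in get_labels, `"\x01x" * 128` gives `size == 255` and is expected to decode while 129 labels raise, so a companion case asserting a successful decode at 128 labels would pin the boundary and catch an off-by-one if the accounting is changed later. A case in which the long name is reached through compression pointers (the scenario the advisory describes) would also be useful, because the question-section name built here contains no pointers at all.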
    

