VYPR
Get started
← All advisories
Low severityNVD Advisory· Published Jun 24, 2025· Updated Apr 15, 2026

CVE-2025-52570

CVE-2025-52570

Description

Letmein is an authenticating port knocker. Prior to version 10.2.1, The connection limiter is implemented incorrectly. It allows an arbitrary amount of simultaneously incoming connections (TCP, UDP and Unix socket) for the services letmeind and letmeinfwd. Therefore, the command line option num-connections is not effective and does not limit the number of simultaneously incoming connections. This issue has been patched in version 10.2.1.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
letmeindcrates.io
< 10.2.110.2.1
letmeinfwdcrates.io
< 10.2.110.2.1

Patches

2
043bd3db7d3c
https://github.com/mbuesch/letmeinvia osv
43207cd77580

Fix incorrect use of Semaphore

https://github.com/mbuesch/letmeinMichael BueschJun 22, 2025via ghsa
commit
2 files changed · +8 4
  • letmeind/src/main.rs+4 2 modified
    @@ -155,15 +155,16 @@ async fn async_main(opts: Arc<Opts>) -> ah::Result<()> {
         let opts = Arc::clone(&opts);
 
         async move {
-            let conn_semaphore = Semaphore::new(opts.num_connections);
+            let conn_semaphore = Arc::new(Semaphore::new(opts.num_connections));
             loop {
                 let conf = Arc::clone(&conf);
                 let opts = Arc::clone(&opts);
+                let conn_semaphore = Arc::clone(&conn_semaphore);
                 match srv.accept().await {
                     Ok(conn) => {
                         // Socket connection handler.
                         let conn = Arc::new(conn);
-                        if let Ok(_permit) = conn_semaphore.acquire().await {
+                        if let Ok(permit) = conn_semaphore.acquire_owned().await {
                             let conn = Arc::clone(&conn);
                             task::spawn(async move {
                                 let mut proto = Protocol::new(&*conn, &conf, &opts.rundir);
@@ -176,6 +177,7 @@ async fn async_main(opts: Arc<Opts>) -> ah::Result<()> {
                                     );
                                 }
                                 conn.close().await;
+                                drop(permit);
                             });
                         } else {
                             conn.close().await;
  • letmeinfwd/src/main.rs+4 2 modified
    @@ -219,18 +219,20 @@ async fn async_main(opts: Arc<Opts>) -> ah::Result<()> {
         let fw = Arc::clone(&fw);
 
         async move {
-            let conn_semaphore = Semaphore::new(opts.num_connections);
+            let conn_semaphore = Arc::new(Semaphore::new(opts.num_connections));
             loop {
                 let conf = Arc::clone(&conf);
                 let fw = Arc::clone(&fw);
+                let conn_semaphore = Arc::clone(&conn_semaphore);
                 match srv.accept(&opts).await {
                     Ok(mut conn) => {
                         // Socket connection handler.
-                        if let Ok(_permit) = conn_semaphore.acquire().await {
+                        if let Ok(permit) = conn_semaphore.acquire_owned().await {
                             task::spawn(async move {
                                 if let Err(e) = conn.handle_message(&conf, fw).await {
                                     eprintln!("Client error: {e:?}");
                                 }
+                                drop(permit);
                             });
                         }
                     }

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.