
CVE-2025-49491: CWE-404 Improper Resource Shutdown or Release in ASR Falcon_Linux、Kestrel、Lapwing_Linux

Medium
Published: Tue Jul 01 2025 (07/01/2025, 10:36:37 UTC)
Source: CVE Database V5
Vendor/Project: ASR
Product: Falcon_Linux、Kestrel、Lapwing_Linux

Description

Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

AI-Powered Analysis

Last updated: 07/01/2025, 11:09:47 UTC

Technical Analysis

CVE-2025-49491 is a medium-severity vulnerability classified under CWE-404 (Improper Resource Shutdown or Release) affecting ASR's Falcon_Linux, Kestrel, and Lapwing_Linux products, specifically in the traffic_stat modules. The vulnerability arises from improper handling of resource shutdown or release in the program files traffic_stat/traffic_service/traffic_service.C, leading to resource leaks. These leaks can cause gradual degradation of system performance or availability due to exhaustion of system resources such as memory, file descriptors, or network sockets. The issue affects versions prior to v1536 of the mentioned products. The CVSS v3.1 base score is 5.4, indicating a medium severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), limited confidentiality impact (C:L), no integrity impact (I:N), and low availability impact (A:L). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability could be exploited remotely by an attacker with some level of privileges to cause resource exhaustion, potentially leading to denial of service or degraded performance in critical network traffic monitoring or management functions provided by these ASR Linux-based products.

Potential Impact

For European organizations using ASR Falcon_Linux, Kestrel, or Lapwing_Linux, particularly in network infrastructure or traffic monitoring roles, this vulnerability could lead to resource leaks that degrade system availability over time. This may result in partial denial of service conditions affecting network traffic analysis, security monitoring, or operational continuity. Given the network-facing nature and low privilege requirement, attackers within the network perimeter could exploit this to disrupt services. The limited confidentiality impact reduces risk of data leakage, but availability degradation in critical network components could impact business operations, incident response, and compliance with European data protection regulations that require continuous system availability and integrity. Organizations relying on these products for traffic statistics or network management should be aware of potential performance degradation and plan for timely remediation.

Mitigation Recommendations

1. Monitor resource usage closely on systems running affected ASR products, focusing on memory, file descriptors, and network sockets to detect abnormal resource consumption patterns.
2. Apply updates or patches from ASR as soon as they become available, prioritizing upgrade to version v1536 or later where the issue is resolved.
3. Restrict network access to the traffic_stat modules and associated services to trusted administrators and systems to reduce exposure to potential attackers with low privileges.
4. Implement network segmentation and strict access controls to limit the ability of attackers to reach vulnerable services.
5. Employ automated resource management and watchdog processes to restart or recover services exhibiting resource leaks before they impact availability.
6. Conduct regular security assessments and vulnerability scans specifically targeting ASR products to identify unpatched instances.
7. Engage with ASR support channels for advisories and guidance on interim mitigations if patches are delayed.
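The first and fifth recommendations above ask operators to watch for the growth pattern a CWE-404 leak produces and to recover the service before it matters. The following monitor is an added example, not ASR's code: it samples open file descriptors and resident memory for one PID from /proc (the traffic_service daemon, for instance) and flags a sustained upward trend while ignoring bursts that recover. The thresholds and poll interval are assumptions chosen for illustration.

```python
"""Watch a Linux process for a CWE-404 style resource leak via /proc.
Added example, not ASR's code: samples fd count and RSS of a PID (e.g. the
traffic_service daemon) and flags a sustained upward trend. Thresholds and
poll interval are assumptions chosen for illustration."""
import os
import time

def sample_process(pid: int) -> dict:
    """Return the current fd count and resident memory (kB) of one PID."""
    fd_count = len(os.listdir(f"/proc/{pid}/fd"))
    rss_kb = 0
    with open(f"/proc/{pid}/status") as status:
        for line in status:
            if line.startswith("VmRSS:"):
                rss_kb = int(line.split()[1])
                break
    return {"fds": fd_count, "rss_kb": rss_kb}

def growth_slope(values: list) -> float:
    """Least-squares slope in units per sample; 0.0 for fewer than 2 points."""
    n = len(values)
    if n < 2:
        return 0.0
    mx = (n - 1) / 2
    my = sum(values) / n
    num = sum((x - mx) * (y - my) for x, y in enumerate(values))
    den = sum((x - mx) ** 2 for x in range(n))
    return num / den

def leak_suspected(samples: list, min_samples: int = 6,
                   min_fd_slope: float = 0.5, min_rss_slope_kb: float = 256.0) -> bool:
    """True when fds or RSS trend upward across the window and end above the start.
    A burst that rises then recovers has ~zero slope; a leak never gives it back."""
    if len(samples) < min_samples:
        return False
    fds = [s["fds"] for s in samples]
    rss = [s["rss_kb"] for s in samples]
    fd_leak = growth_slope(fds) >= min_fd_slope and fds[-1] > fds[0]
    rss_leak = growth_slope(rss) >= min_rss_slope_kb and rss[-1] > rss[0]
    return fd_leak or rss_leak

def watch(pid: int, interval_s: float = 30.0, window: int = 20) -> None:
    """Poll forever and print an alert when the trailing window looks leaky."""
    history = []
    while True:
        history = (history + [sample_process(pid)])[-window:]
        if leak_suspected(history):
            print(f"ALERT pid={pid} possible resource leak, latest={history[-1]}")
        time.sleep(interval_s)
```

A watchdog (recommendation 5) can call `leak_suspected` on the same history and restart the service once it returns True, rather than waiting for the fd or memory limit to be hit.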


Technical Details

Data Version: 5.1
Assigner Short Name: ASR
Date Reserved: 2025-06-06T02:42:06.644Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6863be626f40f0eb728ef545

Added to database: 7/1/2025, 10:54:26 AM

Last enriched: 7/1/2025, 11:09:47 AM

Last updated: 7/14/2025, 5:37:11 AM
