Skip to main content

CVE-2025-6365: Resource Consumption in HobbesOSR Kitten

Medium
VulnerabilityCVE-2025-6365cvecve-2025-6365
Published: Fri Jun 20 2025 (06/20/2025, 20:31:06 UTC)
Source: CVE Database V5
Vendor/Project: HobbesOSR
Product: Kitten

Description

A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and classified as critical. Affected by this issue is the function set_pte_at in the library /include/arch-arm64/pgtable.h. The manipulation leads to resource consumption. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

AI-Powered Analysis

AILast updated: 06/21/2025, 12:51:55 UTC

Technical Analysis

CVE-2025-6365 is a vulnerability identified in the HobbesOSR Kitten product, specifically affecting the function set_pte_at within the ARM64 architecture page table header file (/include/arch-arm64/pgtable.h). The vulnerability leads to resource consumption, which implies that an attacker can manipulate the function to cause excessive use of system resources such as CPU, memory, or other kernel-level resources. This can degrade system performance or potentially lead to denial of service conditions. The vulnerability is classified as critical by the source but carries a CVSS 4.0 score of 6.9, indicating a medium severity level. The CVSS vector indicates that the attack requires adjacent network access (AV:A), low attack complexity (AC:L), no privileges required (PR:L - low privileges), no user interaction (UI:N), and no impact on confidentiality, integrity, or availability directly, but a high impact on resource availability (VA:H). The product uses continuous delivery with rolling releases, so specific version details for affected or patched releases are not available, complicating patch management and vulnerability tracking. No known exploits are reported in the wild at this time. The vulnerability affects the ARM64 architecture implementation of the page table entry setting function, which is a critical part of memory management in the kernel, suggesting that exploitation could impact systems running HobbesOSR Kitten on ARM64 platforms.

Potential Impact

For European organizations, the primary impact of this vulnerability is the potential for resource exhaustion attacks that could degrade or disrupt critical systems running HobbesOSR Kitten on ARM64 hardware. This could affect availability of services, especially in environments where ARM64-based servers or embedded devices are used, such as telecommunications infrastructure, IoT deployments, or edge computing nodes. Given the medium CVSS score and the requirement for adjacent network access and low privileges, attackers within the same network segment could exploit this vulnerability to cause denial of service conditions without needing user interaction. This could disrupt business operations, cause downtime, and potentially impact critical infrastructure services. The lack of detailed versioning and patch information complicates timely remediation, increasing the window of exposure. Since HobbesOSR Kitten is a niche or specialized product, the impact is likely concentrated in organizations using this specific OS or kernel variant, but those organizations could face significant operational risks.

Mitigation Recommendations

1. Network Segmentation: Limit access to systems running HobbesOSR Kitten on ARM64 to trusted network segments to reduce the risk of adjacent network attackers exploiting the vulnerability. 2. Monitoring and Resource Limits: Implement monitoring of system resource usage and configure resource limits (e.g., cgroups or kernel resource quotas) to detect and mitigate abnormal resource consumption patterns. 3. Vendor Coordination: Engage with HobbesOSR for timely updates or patches despite the rolling release model; subscribe to vendor security advisories to receive notifications. 4. Access Controls: Restrict low-privilege user access on affected systems to minimize the risk of exploitation since low privileges are sufficient to exploit this vulnerability. 5. Incident Response Preparedness: Prepare incident response plans to quickly identify and respond to potential denial of service or resource exhaustion incidents. 6. Alternative Platforms: Where feasible, consider migrating critical workloads to more widely supported operating systems with established patching and support mechanisms to reduce dependency on niche products with limited vulnerability management visibility.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-06-19T13:26:06.602Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68568e81aded773421b5a7f5

Added to database: 6/21/2025, 10:50:41 AM

Last enriched: 6/21/2025, 12:51:55 PM

Last updated: 8/6/2025, 4:19:53 AM

Views: 16

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats