CVE-2025-23388
Published: 2025-04-11
Priority: P3 (46) · Severity: high · CVSS 3.1 base score: 8.2
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS: 0.53% (40.7th percentile)
A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | rancher_rancher | >= 2.10.0 < 2.10.3 | 2.10.3 |
| github.com | rancher_rancher | >= 2.8.0 < 2.8.13 | 2.8.13 |
| github.com | rancher_rancher | >= 2.9.0 < 2.9.7 | 2.9.7 |
| suse | rancher | >= 2.10.0 < 2.10.3 | 2.10.3 |
| suse | rancher | >= 2.8.0 < 2.8.13 | 2.8.13 |
| suse | rancher | >= 2.9.0 < 2.9.7 | 2.9.7 |
OSV
osv · 2025-03-03
CVE-2025-23388: Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API in github.com/rancher/rancher.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/rancher/rancher from v2.8.0 before v2.8.13, from v2.9.0 before v2.9.7, from v2.10.0 before v2.10.3.
OSV
osv · 2025-02-27
CVE-2025-23388 [HIGH]: Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
### Impact
An unauthenticated stack overflow crash, leading to a denial of service (DoS), was identified in Rancher’s `/v3-public/authproviders` public API endpoint. A malicious user could submit data to the API which would cause the Rancher server to crash, but no malicious or incorrect data would actually be written in the API. The downstream clusters, i.e., the clusters managed by Rancher, are not affected by this issue.
This vulnerability affects those using external authentication providers as well as Rancher’s local authentication.
### Patches
The patch removes unnecessary HTTP methods from the affected API endpoint.
Patched versions include releases `v2.8.13`, `v2.9.7` and `v2.10.3`.
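The fix described above is an HTTP-method allowlist: an endpoint that only needs to answer a read-only request should refuse every other method before any request body is parsed. The Go program below is an added illustration of that pattern and is not Rancher's code; the route name is taken from the advisory, but the handler body, the assumption that the endpoint only needs GET, and the `allowMethods` helper are constructed for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// allowMethods wraps a handler so that only the listed HTTP methods reach it.
// Any other method is answered with 405 Method Not Allowed plus an Allow
// header, and the wrapped handler (including any body parsing) never runs.
func allowMethods(next http.Handler, methods ...string) http.Handler {
	allowed := make(map[string]bool, len(methods))
	for _, m := range methods {
		allowed[strings.ToUpper(m)] = true
	}
	allowHeader := strings.Join(methods, ", ")
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !allowed[r.Method] {
			w.Header().Set("Allow", allowHeader)
			http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// authProvidersHandler is a constructed stand-in for a public, read-only
// listing endpoint. It returns a fixed JSON collection and never reads r.Body.
func authProvidersHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	fmt.Fprint(w, `{"type":"collection","data":[{"id":"local","type":"localProvider"}]}`)
}

// newMux registers the endpoint behind a GET-only allowlist (assumption: the
// listing endpoint has no legitimate use for other methods).
func newMux() http.Handler {
	mux := http.NewServeMux()
	mux.Handle("/v3-public/authproviders",
		allowMethods(http.HandlerFunc(authProvidersHandler), http.MethodGet))
	return mux
}

// probe sends one in-memory request through the handler chain and returns the
// HTTP status code; no network listener is needed.
func probe(h http.Handler, method, path, body string) int {
	req := httptest.NewRequest(method, path, strings.NewReader(body))
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	h := newMux()
	fmt.Println("GET    ->", probe(h, http.MethodGet, "/v3-public/authproviders", ""))
	fmt.Println("POST   ->", probe(h, http.MethodPost, "/v3-public/authproviders", `{"constructed":true}`))
	fmt.Println("DELETE ->", probe(h, http.MethodDelete, "/v3-public/authproviders", ""))
}
```

Rejecting the method up front means request bodies for unsupported methods are never handed to any parser, which is the property the advisory's fix relies on; the allowlist can be combined with a body-size cap (`http.MaxBytesReader`) on the methods that are kept.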
### Worka
GHSA
ghsa · 2025-02-27
CVE-2025-23388 [HIGH] CWE-121: Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-04-11