CVE-2025-62875

5.5 MEDIUM

📋 TL;DR

An Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in OpenSMTPD lets a local, unprivileged user crash the mail daemon, a local denial of service. This affects openSUSE Tumbleweed systems running vulnerable versions of the OpenSMTPD package. Exploitation requires an account on the host; there is no remote or SMTP-level trigger.

💻 Affected Systems

Products:
  • OpenSMTPD
Versions: openSUSE Tumbleweed package versions before 7.8.0p0-1.1 (this is the distribution's version-release string as reported by rpm, not an upstream OpenSMTPD release number)
Operating Systems: openSUSE Tumbleweed
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where OpenSMTPD is installed and running. Requires local user access to exploit.

📦 What is this software?

OpenSMTPD is the OpenBSD project's mail transfer agent, a free implementation of the SMTP protocol (RFC 5321) that is also packaged for Linux distributions such as openSUSE. On openSUSE it runs as the smtpd daemon under the smtpd.service systemd unit.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of email service on affected systems, potentially disrupting mail flow and dependent services.

🟠

Likely Case

Local users can crash OpenSMTPD, causing temporary email service disruption until the service is restarted.

🟢

If Mitigated

Restricting who can log in to the host does not remove the bug; it only narrows the set of people who can trigger the crash to those who already hold a local account. Automatic service restart shortens each outage but does not stop a user from crashing the daemon again.

🌐 Internet-Facing: LOW - Nothing reachable over the network triggers this; an attacker first needs a local account on the host.
🏢 Internal Only: MEDIUM - Any user with a shell or other local code execution on the mail host can take the SMTP service down, repeatedly.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

A reproducer is published in the openSUSE security advisory linked below. Exploitation requires an account on the host; no SMTP authentication and no network path to the service are needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: openSUSE package opensmtpd 7.8.0p0-1.1 or later (compare the full version-release string, e.g. from 'rpm -q opensmtpd')

Vendor Advisory: https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html

Restart Required: Yes

Instructions:

1. Update the OpenSMTPD package using your package manager.
2. For openSUSE Tumbleweed: 'sudo zypper update opensmtpd' (or the usual full Tumbleweed update, 'sudo zypper dup').
3. Restart the daemon so the patched binary is actually running: 'sudo systemctl restart smtpd'. The package update alone leaves the old, vulnerable process in memory until the service is restarted.

🔧 Temporary Workarounds

Restrict local user access

linux

Limit which users have shell or other local code execution on systems running OpenSMTPD. This only narrows who can trigger the crash; any account that can run a process on the host can still do it, so treat this as a stopgap, not a fix.

Implement automatic restart

linux

Have systemd restart smtpd automatically if it exits abnormally. Enabling and starting the unit is not enough for that; the unit needs a Restart= setting, which can be added as a drop-in override without editing the packaged unit file:

sudo mkdir -p /etc/systemd/system/smtpd.service.d
printf '[Service]\nRestart=on-failure\nRestartSec=5s\n' | sudo tee /etc/systemd/system/smtpd.service.d/restart.conf
sudo systemctl daemon-reload
sudo systemctl restart smtpd

Caveat: systemd's start rate limiting (StartLimitIntervalSec / StartLimitBurst) stops restarting a unit that fails too often in a short interval, so a local user who keeps crashing the daemon can still leave it down. This reduces the length of each outage; it does not prevent the crash.

🧯 If You Can't Patch

  • Implement strict access controls to limit which users have local system access
  • Monitor OpenSMTPD service status and set up automated restart procedures

🔍 How to Verify

Check if Vulnerable:

Check the installed package version with 'rpm -q opensmtpd' and compare the version-release string against 7.8.0p0-1.1. (There is no 'opensmtpd' binary; the daemon itself is 'smtpd', and the fix is identified by the package release, so the rpm query is the reliable check.)

Check Version:

rpm -q --qf '%{VERSION}-%{RELEASE}\n' opensmtpd

Verify Fix Applied:

Verify that the installed version-release is 7.8.0p0-1.1 or later ('rpm -q opensmtpd') and that the running daemon was restarted after the update: the unit's activation time ('systemctl show -p ActiveEnterTimestamp smtpd') must be later than the package install time ('rpm -q --last opensmtpd').
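A worked version check that does the comparison in code rather than by eye, added here as an example and not part of the advisory or the opensmtpd package. RPM version strings such as 7.8.0p0 mix numeric and alphabetic segments, so plain string or float comparison gives wrong answers; the function below implements the segment-wise comparison rpm uses (rpmvercmp), minus the tilde/caret rules this package does not use. The package name and the 'rpm -q --qf' call are real; the fixed version-release 7.8.0p0-1.1 is the value from this page; the function names are this example's own.

```python
import re
import subprocess

# Fixed openSUSE Tumbleweed package version-release (from the advisory summary above).
FIXED_VERSION = "7.8.0p0"
FIXED_RELEASE = "1.1"


def _segments(s):
    """Split a version/release string into the alternating numeric and alphabetic
    segments rpm compares; separators such as '.', '-' and '_' are dropped."""
    return re.findall(r"[0-9]+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Compare two RPM version (or release) strings the way rpmvercmp does:
    returns -1 if a < b, 0 if equal, 1 if a > b.
    Simplified: no tilde (~) or caret (^) handling, no epoch."""
    if a == b:
        return 0
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        xnum, ynum = x.isdigit(), y.isdigit()
        if xnum != ynum:
            # A numeric segment is always newer than an alphabetic one.
            return 1 if xnum else -1
        if xnum:
            # Numeric: strip leading zeros, then longer means larger.
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: whichever has segments left over is newer.
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1


def is_vulnerable(installed_vr):
    """installed_vr is the 'VERSION-RELEASE' string rpm reports, e.g. '7.7.0p0-2.3'.
    Returns True when it sorts before the fixed version-release."""
    version, _, release = installed_vr.rpartition("-")
    c = rpmvercmp(version, FIXED_VERSION)
    if c == 0:
        c = rpmvercmp(release, FIXED_RELEASE)
    return c < 0


def installed_opensmtpd_vr():
    """Ask rpm for the installed opensmtpd version-release; None if not installed."""
    proc = subprocess.run(
        ["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}", "opensmtpd"],
        capture_output=True, text=True,
    )
    return proc.stdout.strip() if proc.returncode == 0 else None


if __name__ == "__main__":
    vr = installed_opensmtpd_vr()
    if vr is None:
        print("opensmtpd is not installed: not affected")
    else:
        state = "VULNERABLE" if is_vulnerable(vr) else "fixed"
        print(f"opensmtpd {vr}: {state} (fixed in {FIXED_VERSION}-{FIXED_RELEASE})")
```

Run it on the host as any user; rpm's query does not need root. A result of "fixed" still only covers the package on disk, so pair it with the ActiveEnterTimestamp check above to confirm the daemon has been restarted.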

📡 Detection & Monitoring

Log Indicators:

  • smtpd logging a fatal error and exiting, followed by systemd reporting 'smtpd.service: Main process exited' with a code other than exited/0 (for example code=killed or code=dumped)
  • Unexpected restarts of smtpd.service in the journal ('Scheduled restart job, restart counter is at N') that do not line up with package updates or administrator activity
  • Rising restart frequency, or the unit hitting systemd's start rate limit and staying down

Network Indicators:

  • SMTP service becoming unavailable
  • Failed email delivery attempts

SIEM Query:

source="systemd" AND "smtpd.service" AND ("Main process exited" OR "Failed with result" OR "Scheduled restart job")

Tune the query to exclude clean stops (code=exited, status=0/SUCCESS) so that package updates and planned restarts do not page anyone; repeated abnormal exits within a short window are the signal that matters here, since a single crash can be a one-off and this bug is only interesting when someone keeps triggering it.
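The detection logic from the indicators above run over sample journal lines, added here as an example and not part of the advisory. It parses 'journalctl -u smtpd -o short-iso' style output, keeps only abnormal main-process exits (signals, core dumps, non-zero exit status), and raises one alert when a burst of them lands inside a sliding window; a clean stop with status=0 is deliberately ignored so that administrator restarts do not trigger it. The systemd message formats are real; the sample lines, host name and timestamps are constructed, and the threshold and window are assumptions to tune per site.

```python
import re
from datetime import datetime, timedelta
from collections import namedtuple

UNIT = "smtpd.service"

# Constructed sample of `journalctl -u smtpd -o short-iso` output, not real incident logs.
SAMPLE_JOURNAL = """\
2025-11-03T09:14:02+0100 mx1 systemd[1]: Started smtpd.service.
2025-11-03T10:02:41+0100 mx1 systemd[1]: smtpd.service: Main process exited, code=killed, status=6/ABRT
2025-11-03T10:02:41+0100 mx1 systemd[1]: smtpd.service: Failed with result 'signal'.
2025-11-03T10:02:46+0100 mx1 systemd[1]: smtpd.service: Scheduled restart job, restart counter is at 1.
2025-11-03T10:05:13+0100 mx1 systemd[1]: smtpd.service: Main process exited, code=killed, status=6/ABRT
2025-11-03T10:05:18+0100 mx1 systemd[1]: smtpd.service: Scheduled restart job, restart counter is at 2.
2025-11-03T10:07:50+0100 mx1 systemd[1]: smtpd.service: Main process exited, code=dumped, status=11/SEGV
2025-11-03T10:07:55+0100 mx1 systemd[1]: smtpd.service: Scheduled restart job, restart counter is at 3.
2025-11-03T12:30:00+0100 mx1 systemd[1]: smtpd.service: Main process exited, code=exited, status=0/SUCCESS
2025-11-03T12:31:05+0100 mx1 systemd[1]: smtpd.service: Main process exited, code=exited, status=1/FAILURE
"""

# Matches systemd's "Main process exited" line for the unit in short-iso journal output.
EXIT_RE = re.compile(
    r"^(?P<ts>\S+)\s+\S+\s+systemd\[\d+\]:\s+" + re.escape(UNIT)
    + r": Main process exited, code=(?P<code>\w+), status=(?P<status>\d+)/(?P<name>\w+)"
)

Exit = namedtuple("Exit", "ts code status name abnormal")


def parse_exits(lines):
    """Extract every main-process exit of the unit; abnormal means the daemon
    died from a signal, dumped core, or returned a non-zero exit status."""
    exits = []
    for line in lines:
        m = EXIT_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%S%z")
        abnormal = m.group("code") in ("killed", "dumped") or m.group("status") != "0"
        exits.append(Exit(ts, m.group("code"), int(m.group("status")), m.group("name"), abnormal))
    return exits


def crash_bursts(lines, threshold=3, window=timedelta(minutes=10)):
    """Return one alert timestamp per burst: the moment the number of abnormal
    exits within the preceding `window` reaches `threshold`.
    threshold and window are assumed tuning values, not from the advisory."""
    crashes = [e.ts for e in parse_exits(lines) if e.abnormal]
    alerts = []
    start = 0
    for i, ts in enumerate(crashes):
        # Slide the window start forward past crashes older than `window`.
        while ts - crashes[start] > window:
            start += 1
        in_window = i - start + 1
        if in_window >= threshold and (not alerts or ts - alerts[-1] > window):
            alerts.append(ts)
    return alerts


if __name__ == "__main__":
    lines = SAMPLE_JOURNAL.splitlines()
    exits = parse_exits(lines)
    print(f"{len(exits)} exits, {sum(e.abnormal for e in exits)} abnormal")
    for ts in crash_bursts(lines):
        print(f"ALERT {ts.isoformat()}: repeated abnormal {UNIT} exits, possible local DoS")
```

To run it against a live host, feed it the output of 'journalctl -u smtpd -o short-iso --no-pager' instead of SAMPLE_JOURNAL. The burst logic is the part worth keeping: a single abnormal exit is noise on most hosts, but three in ten minutes on a box where nobody is deploying is exactly what a local user hammering this bug looks like.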

🔗 References

  • openSUSE security advisory: https://security.opensuse.org/2025/10/31/opensmtpd-local-DoS.html
  • CVE-2025-62875
