How to fix CVE-2025-65637?

Within 24 hours: Identify all applications and services using Logrus versions 1.8.x (prior to 1.8.3), 1.9.0, or 1.9.2 through dependency scanning. Within 7 days: Upgrade to patched versions (1.8.3, 1.9.1, or 1.9.3+) and conduct testing in non-production environments. Within 30 days: Deploy patched versions to all production systems and verify successful application startup and logging functionality.

Is Ubuntu affected by CVE-2025-65637?

A denial-of-service vulnerability in the Logrus logging library could render applications unavailable if they process large log payloads without newline characters.

CVE-2025-65637

EUVD-2025-201258 HIGH

2025-12-04 [email protected]

GHSA-4f99-4q7p-p3gh

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 16:35 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 16:35 euvd

EUVD-2025-201258

Patch Released

Mar 15, 2026 - 16:35 nvd

Patch available

PoC Detected

Dec 23, 2025 - 00:26 vuln.today

Public exploit code

CVE Published

Dec 04, 2025 - 19:16 nvd

HIGH 7.5

Description

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.

Analysis

Technical Context

A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users. This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400).

Affected Products

Affected products: Turbopuffer Logrus

Remediation

A vendor patch is available — apply it immediately. Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: +20

Vendor Status

Ubuntu

Priority: Medium

golang-logrus

Release	Status	Version
xenial	needs-triage	-
bionic	needs-triage	-
focal	needs-triage	-
jammy	needs-triage	-
noble	needs-triage	-
questing	needs-triage	-
upstream	released	1.9.3-1
plucky	ignored	end of life, was needs-triage

Debian

golang-logrus

Release	Status	Fixed Version	Urgency
bullseye	vulnerable	1.7.0-2	-
bookworm, trixie	vulnerable	1.9.0-1	-
forky, sid	fixed	1.9.3-1	-
(unstable)	fixed	1.9.3-1	-

CVE-2025-65637 vulnerability details – vuln.today

Back

CVE-2025-65637

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

CVE-2025-65637

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

External POC / Exploit Code