Improper Resource Shutdown in ASR Falcon_Linux, Kestrel, and Lapwing_Linux
CVE-2025-49489

5.4MEDIUM

Key Information:

Vendor: Asr
Status: Falcon Linux、kestrel、lapwing Linux
Vendor: CVE Published:; 1 July 2025

What is CVE-2025-49489?

The vulnerability in ASR Falcon_Linux, Kestrel, and Lapwing_Linux components allows for improper resource management, leading to potential resource leak exposure. This issue arises specifically in the con_mgr components, particularly within the con_mgr/dialer_task.C program files. Users of affected versions prior to v1536 should take immediate action to mitigate potential risks.

Affected Version(s)

Falcon_Linux、Kestrel、Lapwing_Linux Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=40

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2025
Vulnerability Reserved
Jun 6, 2025

Asr

What is CVE-2025-49489?

Affected Version(s)

References

CVSS V3.1

Timeline