关键漏洞信息 CVE编号 - CVE-2025-59088 - CVE-2025-59089 漏洞描述 - python-kdcproxy: 通过Realm?控制的DNS SRV进行未经身份验证的SSRF - python-kdcproxy: 通过无界TCP上游缓冲进行远程DoS 受影响产品 - Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 - Red Hat Enterprise Linux Server - AUS 9.4 x86_64 - Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x - Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le - Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 - Red Hat Enterprise Linux for Power LE - Update Services for SAP Solutions 9.4 ppc64le - Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 - Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 - Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x 解决方案 - 参照文章: [](https://access.redhat.com/articles/11258) 以获取更新应用的详细步骤 重要性 - 安全公告: 重要 - CVSS基础分数: 可从每个漏洞的CVE链接中查看