CVE-2025-9092

Описание

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.

Uncontrolled Resource Consumption vulnerability has been discovered in the Legion of the Bouncy Castle Inc. Bouncy Castle for Java. In multi-JVM environments BC-FJA 2.1.0 could be found to create many library directories for the .so files required for native support, even though the files contained in the directories could have been shared. This could lead to server fragility, particularly in the case where it was difficult to identify which library directories were in use and which were not, with the subsequent strain on resources leading to service failure.