CVE-2025-48964 in iputilsالمعلومات

الملخص

بحسب MITRE • 22/07/2025

ping in iputils through 20240905 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

مسؤول

MITRE

حجز

29/05/2025

إفشاء

22/07/2025

الاعتدال

تمت الموافقة

إدخال

VDB-317289

EPSS

0.00322

KEV

لا

النشاطات

منخفض جدًا

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!