CVE-2025-48964 in iputilsinformazioni

Riassunto

di MITRE • 22/07/2025

ping in iputils through 20240905 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsabile

MITRE

Prenotare

29/05/2025

Divulgazione

22/07/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00322

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!