8 matches found
ALSA-2025:17558 Moderate: iputils security update
The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: iputils integer overflow CVE-2025-48964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE...
RockyLinux 10 : iputils (RLSA-2025:9421)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9421 advisory. iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 Tenable has extracted the preceding description block directly from t...
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
...
iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping
A flaw was found in iputils ping, where a signed integer overflow occurs in timestamp multiplication. This issue could lead to incorrect timestamp calculations or denial of service when processing crafted ICMP Echo Reply packets...
iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping
A flaw was found in iputils ping, where a signed integer overflow occurs in timestamp multiplication. This issue could lead to incorrect timestamp calculations or denial of service when processing crafted ICMP Echo Reply packets...
iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping
A flaw was found in iputils ping, where a signed integer overflow occurs in timestamp multiplication. This issue could lead to incorrect timestamp calculations or denial of service when processing crafted ICMP Echo Reply packets...
CVE-2025-47268
ping in iputils before 20250602 allows a denial of service application error or incorrect data collection via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication...
CVE-2025-47268
CVE-2025-47268 affects the iputils package’s ping utility. The issue arises from a signed 64-bit integer overflow in timestamp multiplication, exploitable via a crafted ICMP Echo Reply packet and leading to a denial of service (application error or incorrect data collection). A patched version is...