ByteOS Network

CVE Vulnerability Details :

CVE-2025-48964

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-22 Jul, 2025 | 00:00

Updated At-26 Aug, 2025 | 18:49

▼CVE Numbering Authority (CNA)

ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).

Affected Products

Vendor

iputils

Product

iputils

Default Status

unaffected

Versions

Affected

From 0 before 20250602 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-190	CWE-190 Integer Overflow or Wraparound

Metrics

Version	Base score	Base severity	Vector
3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

References

Hyperlink	Resource
https://github.com/iputils/iputils/issues	N/A
https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9	N/A
https://bugzilla.suse.com/show_bug.cgi?id=1243772	N/A
https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c	N/A
https://github.com/iputils/iputils/releases/tag/20250602	N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References