iputils-20210202-11.el9_6.3
エラータID: AXSA:2025-10968:03
The iputils packages contain basic utilities for monitoring a network, including ping.
Security Fix(es):
* iputils: iputils integer overflow (CVE-2025-48964)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-48964
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
Update packages.
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
N/A
SRPMS
- iputils-20210202-11.el9_6.3.src.rpm
MD5: 0a87e3cb7eac3ee5c525cd1e866c1ef8
SHA-256: 8d5e816d5f44eef66f53ef949dc89e837c7d2e23c11a5e0dd7296f8ed0a8fabb
Size: 592.83 kB
Asianux Server 9 for x86_64
- iputils-20210202-11.el9_6.3.x86_64.rpm
MD5: 4272e109e33253abff662f728a8e4b89
SHA-256: a1a4fafdcb250e7ffeac74980a2dc633b2c66231969d365ee207133db21795af
Size: 175.07 kB - iputils-ninfod-20210202-11.el9_6.3.x86_64.rpm
MD5: 4baeba383ded9bcb4962fa7dc28fdd06
SHA-256: 7e72211f30ad4baa9d8ccf4b93b66103c77d8de6dcb03a39d3bfcc41bacb465d
Size: 27.12 kB