github - ghsa-x25x-vjrm-h7qq

ghsa-x25x-vjrm-h7qq

Vulnerability from github

Published

2025-12-31 03:30

Modified

2025-12-31 03:30

Severity ?

1.9 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Details

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-11961"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-31T01:15:54Z",
    "severity": "LOW"
  },
  "details": "pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer.  The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented.  If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.",
  "id": "GHSA-x25x-vjrm-h7qq",
  "modified": "2025-12-31T03:30:34Z",
  "published": "2025-12-31T03:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11961"
    },
    {
      "type": "WEB",
      "url": "https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2025-11961 (GCVE-0-2025-11961)

Vulnerability from cvelistv5

Published

2025-12-31 00:56

Modified

2025-12-31 00:56

Severity ?

1.9 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-126 - Buffer Over-read
CWE-122 - Heap-based Buffer Overflow

Summary

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

References

URL

Tags

https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02

patch

Impacted products

	Vendor	Product	Version
	The Tcpdump Group	libpcap	Version: 0 ≤

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "libpcap",
          "programFiles": [
            "nametoaddr.c"
          ],
          "programRoutines": [
            {
              "name": "pcap_ether_aton()"
            }
          ],
          "repo": "https://github.com/the-tcpdump-group/libpcap/",
          "vendor": "The Tcpdump Group",
          "versions": [
            {
              "lessThan": "1.10.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jin Wei"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Kunwei Qian"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Ping Chen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer.  The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented.  If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126 Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-31T00:56:16.310Z",
        "orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
        "shortName": "Tcpdump"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "In libpcap 1.10.6 the function has been reimplemented to apply a stricter input validation and to fail safely if the input is invalid."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "OOBR and OOBW in pcap_ether_aton() in libpcap"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
    "assignerShortName": "Tcpdump",
    "cveId": "CVE-2025-11961",
    "datePublished": "2025-12-31T00:56:16.310Z",
    "dateReserved": "2025-10-20T13:42:36.190Z",
    "dateUpdated": "2025-12-31T00:56:16.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.