CVE-2025-11961

LOW

1.9

Descripcion

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

Detalles CVE

Puntuacion CVSS v3.11.9

SeveridadLOW

Vector CVSSCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Vector de ataqueLOCAL

ComplejidadHIGH

Privilegios requeridosHIGH

Interaccion usuarioNONE

Publicado12/31/2025

Ultima modificacion12/31/2025

Fuentenvd

Avistamientos honeypot0

Debilidades (CWE)

CWE-122CWE-126

Referencias

https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02(security@tcpdump.org)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.