CVE-2025-11961

LOW

1.9

Descricao

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

Detalhes CVE

Pontuacao CVSS v3.11.9

SeveridadeLOW

Vetor CVSSCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Vetor de ataqueLOCAL

ComplexidadeHIGH

Privilegios necessariosHIGH

Interacao do usuarioNONE

Publicado12/31/2025

Ultima modificacao12/31/2025

Fontenvd

Avistamentos honeypot0

Fraquezas (CWE)

CWE-122CWE-126

Referencias

https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7cc715920f1c02(security@tcpdump.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.