CVE-2025-11961
LOW
1,9
Source: [email protected]
Attack Vector: local
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none
Description
AI Translation Available
pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0002
Percentile
0,0th
Updated
EPSS Score Trend (Last 75 Days)
122
Heap-based Buffer Overflow
DraftCommon Consequences
Security Scopes Affected:
Availability
Integrity
Confidentiality
Access Control
Other
Potential Impacts:
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Execute Unauthorized Code Or Commands
Bypass Protection Mechanism
Modify Memory
Other
Applicable Platforms
Languages:
C, C++, Memory-Unsafe
126
Buffer Over-read
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Availability
Integrity
Potential Impacts:
Read Memory
Bypass Protection Mechanism
Dos: Crash, Exit, Or Restart
Applicable Platforms
Languages:
C, C++, Memory-Unsafe
https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7…