{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-48964", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-07-23T15:08:46.945Z", "dateReserved": "2025-05-29T00:00:00.000Z", "datePublished": "2025-07-22T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "iputils", "vendor": "iputils", "versions": [{"lessThan": "20250602", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-23T15:08:46.945Z"}, "references": [{"url": "https://github.com/iputils/iputils/issues"}, {"url": "https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1243772"}, {"url": "https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c"}, {"url": "https://github.com/iputils/iputils/releases/tag/20250602"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "versionEndExcluding": "20250602"}]}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-190", "lang": "en", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-07-22T18:00:42.570227Z", "id": "CVE-2025-48964", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-22T18:03:17.894Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-48964", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-22T18:00:42.570227Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-22T18:01:23.082Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}}], "affected": [{"vendor": "iputils", "product": "iputils", "versions": [{"status": "affected", "version": "0", "lessThan": "20250602", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/iputils/iputils/issues"}, {"url": "https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1243772"}, {"url": "https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c"}, {"url": "https://github.com/iputils/iputils/releases/tag/20250602"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "20250602"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-23T15:08:46.945Z"}}}, "cveMetadata": {"cveId": "CVE-2025-48964", "state": "PUBLISHED", "dateUpdated": "2025-07-23T15:08:46.945Z", "dateReserved": "2025-05-29T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-07-22T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero)."}, {"lang": "es", "value": "El ping en iputils hasta la versi\u00f3n 20240905 permite una denegaci\u00f3n de servicio (error de aplicaci\u00f3n en modo ping adaptativo o recopilaci\u00f3n incorrecta de datos) mediante un paquete de respuesta de eco ICMP manipulado, ya que una marca de tiempo cero puede generar valores intermedios grandes que presentan un desbordamiento de enteros al elevarlos al cuadrado durante los c\u00e1lculos estad\u00edsticos. NOTA: Este problema existe debido a una correcci\u00f3n incompleta para CVE-2025-47268 (dicha correcci\u00f3n solo afectaba a los c\u00e1lculos de marca de tiempo y no contemplaba un escenario espec\u00edfico donde la marca de tiempo original en la payload ICMP es cero)."}], "id": "CVE-2025-48964", "lastModified": "2025-07-25T15:29:44.523", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-07-22T18:15:36.020", "references": [{"source": "cve@mitre.org", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1243772"}, {"source": "cve@mitre.org", "url": "https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c"}, {"source": "cve@mitre.org", "url": "https://github.com/iputils/iputils/issues"}, {"source": "cve@mitre.org", "url": "https://github.com/iputils/iputils/releases/tag/20250602"}, {"source": "cve@mitre.org", "url": "https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "cve@mitre.org", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "iputils: iputils integer overflow", "id": "2382657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382657"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-190", "details": ["ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).", "An integer overflow flaw has been discovered in the ping function within the iputils package. This overflow may allow an attacker to craft an ECHO reply which can prevent iputils from operating normally."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-48964", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "iputils", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "iputils", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "iputils", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "iputils", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-48964\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-48964\nhttps://bugzilla.suse.com/show_bug.cgi?id=1243772\nhttps://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c\nhttps://github.com/iputils/iputils/issues\nhttps://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9"], "threat_severity": "Moderate"}