vulnerability
Ubuntu: USN-7670-1 (CVE-2025-48964): iputils vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:N/I:P/A:P) | Jul 22, 2025 | Jul 25, 2025 | Aug 18, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:P)
Published
Jul 22, 2025
Added
Jul 25, 2025
Modified
Aug 18, 2025
Description
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
Solution
ubuntu-upgrade-iputils-ping
References
- CVE-2025-48964
- https://attackerkb.com/topics/CVE-2025-48964
- CWE-190
- UBUNTU-USN-7670-1
- URL-https://github.com/iputils/iputils/releases/tag/20250602
- URL-https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9
- URL-https://ubuntu.com/security/notices/USN-7670-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-48964
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.