Description
ELSA-2025-17558: iputils security update (MODERATE)
[20210202-11.0.1.3]
- Upstream backport 'ping: Add SA_RESTART to sa_flags' [Orabug: 34573399]
[20210202-11.3]
- Bump release
[20210202-11.2]
- Fix CVE-2025-48964 iputils: iputils integer overflow (RHEL-112001)
[20210202-11.1]
- Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping (RHEL-94335)
[20210202-11]
- ping: Fix ping6 binding to VRF and address (RHEL-57734)
[20210202-10]
- arping: Fix 1s delay on exit for unsolicited arpings (RHEL-34110)
- arping: exit 0 if running in deadline mode and we see replies (RHEL-27718)
- ping: Print reply with wrong source with warning & some follow-up fixes (RHEL-12789, RHEL-13480)
- ping: Fix socket error reporting (RHEL-4608)
Updated packages
Oracle Linux 9
Oracle Linux aarch64
iputils: 20210202-11.0.1.el9_6.3
iputils-ninfod: 20210202-11.0.1.el9_6.3
Oracle Linux x86_64
iputils: 20210202-11.0.1.el9_6.3
iputils-ninfod: 20210202-11.0.1.el9_6.3
Related CVEs
Related vulnerabilities
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).