Описание
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
An integer overflow flaw has been discovered in the ping function within the iputils package. This overflow may allow an attacker to craft an ECHO reply which can prevent iputils from operating normally.
Отчет
Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-190: Integer Overflow or Wraparound vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. Baseline configurations and configuration controls enforce secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. In the event of successful exploitation, process isolation ensures that memory corruption is contained within the originating process, preventing it from affecting other processes or the system as a whole. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions. These controls help detect and prevent malicious code that attempts to exploit integer overflow vulnerabilities through mechanisms like file integrity checks and patch management. Finally, memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are used to enhance resilience against integer overflows and denial-of-service attacks.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | iputils | Fix deferred | ||
| Red Hat Enterprise Linux 7 | iputils | Fix deferred | ||
| Red Hat Enterprise Linux 8 | iputils | Fix deferred | ||
| Red Hat Enterprise Linux 9 | iputils | Affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
ping in iputils before 20250602 allows a denial of service (applicatio ...
EPSS
5.3 Medium
CVSS3