Описание
Security update for iputils
This update for iputils fixes the following issues:
Security fixes:
- CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior (bsc#1242300).
Other bug fixes:
- Fixed incorrect IPV4 TTL value when using SOCK_DGRAM on big endian systems (bsc#1243284).
Список пакетов
Container suse/sle-micro-rancher/5.3:latest
iputils-20211215-150400.3.19.1
Container suse/sle-micro-rancher/5.4:latest
iputils-20211215-150400.3.19.1
Container suse/sle-micro/5.3/toolbox:latest
iputils-20211215-150400.3.19.1
Container suse/sle-micro/5.4/toolbox:latest
iputils-20211215-150400.3.19.1
SUSE Linux Enterprise Module for Server Applications 15 SP7
rarpd-20211215-150400.3.19.1
Ссылки
- Link for SUSE-SU-2025:01779-2
- E-Mail link for SUSE-SU-2025:01779-2
- SUSE Security Ratings
- SUSE Bug 1242300
- SUSE Bug 1243284
- SUSE CVE CVE-2025-47268 page
Описание
ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.
Затронутые продукты
Container suse/sle-micro-rancher/5.3:latest:iputils-20211215-150400.3.19.1
Container suse/sle-micro-rancher/5.4:latest:iputils-20211215-150400.3.19.1
Container suse/sle-micro/5.3/toolbox:latest:iputils-20211215-150400.3.19.1
Container suse/sle-micro/5.4/toolbox:latest:iputils-20211215-150400.3.19.1
Ссылки
- CVE-2025-47268
- SUSE Bug 1242300