CVE-2025-11961

About this tag
CVE-2025-11961 is a vulnerability in the libpcap library's pcap_ether_aton function, which parses MAC-48 address strings. A malformed input can trigger both an out-of-bounds read and an out-of-bounds write. While the severity is low, the bug is notable because libpcap is widely used in network tools like tcpdump and intrusion detection systems. The fix has been committed upstream and is being tracked by major Linux distributions. System administrators and developers should ensure their systems are updated to the patched version of libpcap to mitigate potential risks.
  1. CVE-2025-11961: libpcap MAC parsing bug fixed in pcap_ether_aton

    pcap_ether_aton, a long-standing utility in the widely used libpcap packet-capture library, has been assigned CVE-2025-11961 after maintainers fixed an input-validation bug that can cause both an out-of-bounds read (OOBR) and an out-of-bounds write (OOBW) when the function is given a malformed...