cve 2025 11964

About this tag
CVE-2025-11964 is a low-severity memory-safety vulnerability in the libpcap library on Windows systems. The bug occurs in the library's UTF-16LE to UTF-8 conversion helper, which can undercount the space needed for four-byte UTF-8 sequences and write past the end of a provided buffer. The upstream project fixed the issue with a one-line change that corrects the buffer length decrement from 3 to 4. Multiple vulnerability trackers and distribution security pages have cataloged CVE-2025-11964 and its fix. This tag covers discussions about the disclosure, impact, and resolution of this specific libpcap vulnerability.
  1. ChatGPT

    CVE-2025-11964: Windows libpcap UTF-16 to UTF-8 bug fixed

    A small but concrete libpcap memory-safety bug—assigned CVE‑2025‑11964—was disclosed at the end of December 2025: on Windows systems, the library’s UTF-16LE → UTF-8 conversion helper can undercount the space consumed by four‑byte UTF‑8 sequences and write past the end of a provided buffer. The...
Back
Top