The libpcap tag on WindowsForum.com covers discussions about the widely used packet-capture library, including recent security vulnerabilities. Threads address CVE-2025-11961, a MAC parsing bug in pcap_ether_aton that can cause out-of-bounds reads and writes, and CVE-2025-11964, a Windows-specific UTF-16 to UTF-8 conversion bug leading to buffer overflows. Both issues have low severity but are important for administrators and developers due to libpcap's integration into tools like tcpdump and IDS/NSM components. The tag provides technical details on fixes and implications for network security.
-
pcap_ether_aton, a long-standing utility in the widely used libpcap packet-capture library, has been assigned CVE-2025-11961 after maintainers fixed an input-validation bug that can cause both an out-of-bounds read (OOBR) and an out-of-bounds write (OOBW) when the function is given a malformed...
-
A small but concrete libpcap memory-safety bug—assigned CVE‑2025‑11964—was disclosed at the end of December 2025: on Windows systems, the library’s UTF-16LE → UTF-8 conversion helper can undercount the space consumed by four‑byte UTF‑8 sequences and write past the end of a provided buffer. The...