CVE-2025-47268

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions iputils versions through 20240905

Description The issue allows for a denial of service, resulting in application error or incorrect data collection, via a crafted ICMP Echo Reply packet. This is caused by a signed 64-bit integer overflow in timestamp multiplication.

Recommendations For versions through 20240905, as a temporary workaround, consider restricting the handling of ICMP Echo Reply packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2025:9421

ALSA-2025:9432

ALT-PU-2025-8533

ALT-PU-2025-8549

AZL-64086

AZL-64106

BDU:2025-11086

CVE-2025-47268

ECHO-4B45-6FF3-BBE1

INFSA-2025_9432

MGASA-2025-0163

OESA-2025-1891

OESA-2025-1950

OESA-2025-1951

OESA-2025-1952

OESA-2025-1953

OESA-2025-1954

OPENSUSE-SU-2025:15089-1

OPENSUSE-SU-2025_01776-1

OPENSUSE-SU-2025_01779-1

RHSA-2025:11320

RHSA-2025:11321

RHSA-2025:9421

RHSA-2025:9432

RHSA-2025_9432

SUSE-SU-2025:01771-1

SUSE-SU-2025:01776-1

SUSE-SU-2025:01776-2

SUSE-SU-2025:01777-1

SUSE-SU-2025:01779-1

SUSE-SU-2025:01779-2

SUSE-SU-2025:1771-1

SUSE-SU-2025:20380-1

SUSE-SU-2025:20442-1

SUSE-SU-2025_01776-1

SUSE-SU-2025_01776-2

SUSE-SU-2025_01777-1

SUSE-SU-2025_01779-1

SUSE-SU-2025_01779-2

SUSE-SU-2025_1771-1

USN-7670-1

Affected Products

Alt Linux

Almalinux

Debian

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Iputils

CVE-2025-47268

Weakness Enumeration

Related Identifiers

Affected Products

References · 92