PT-2025-54265 · Libpcap+1 · Libpcap+1

Jin Wei

Published

2025-01-01

Updated

2026-02-18

CVE-2025-11961

CVSS v3.1

1.9

Low

Vector

AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions libpcap (affected versions not specified)

Description The pcap ether aton() function in libpcap has a flaw where it can read and write data beyond allocated buffer boundaries when provided with a malformed MAC-48 address string. The function expects a well-formed MAC-48 address but lacks adequate documentation regarding the expected format. If an application calls the function with an improperly formatted string, it can lead to a buffer overflow. The vulnerable function is pcap ether aton().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Over-read

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-126CWE-122

Related Identifiers

AZL-73335

AZL-73344

AZL-73373

AZL-73379

CVE-2025-11961

ECHO-5E37-6BB1-4B05

MGASA-2026-0005

OESA-2026-1109

OESA-2026-1110

OESA-2026-1111

OESA-2026-1112

OESA-2026-1113

OESA-2026-1114

OESA-2026-1207

OPENSUSE-SU-2026:10032-1

OPENSUSE-SU-2026:20075-1

SUSE-SU-2026:0036-1

SUSE-SU-2026:0053-1

SUSE-SU-2026:0062-1

SUSE-SU-2026:0063-1

SUSE-SU-2026:0575-1

SUSE-SU-2026:20048-1

SUSE-SU-2026:20064-1

SUSE-SU-2026:20120-1

SUSE-SU-2026:20153-1

Affected Products

Debian

Libpcap

PT-2025-54265 · Libpcap+1 · Libpcap+1

CVE-2025-11961

Weakness Enumeration

Related Identifiers

Affected Products

References · 62