CVE-2025-48964

22.07.2025, 18:15

ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
mitre	CNA	6.5 MEDIUM				CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Ubuntu Releases

Ubuntu Product

Codename

iputils

questing	Fixed 3:20240905-3ubuntu2 released
plucky	Fixed 3:20240905-1ubuntu1.1 released
noble	Fixed 3:20240117-1ubuntu0.1 released
jammy	Fixed 3:20211215-1ubuntu0.1 released
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage

Common Weakness Enumeration

CWE-190 - Integer Overflow or Wraparound
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

References

https://bugzilla.suse.com/show_bug.cgi?id=1243772

https://github.com/iputils/iputils/commit/afa36390394a6e0cceba03b52b59b6d41710608c

https://github.com/iputils/iputils/issues

https://github.com/iputils/iputils/releases/tag/20250602

https://github.com/iputils/iputils/security/advisories/GHSA-25fr-jw29-74f9