Medium severity6.5NVD Advisory· Published May 5, 2025· Updated Apr 6, 2026

CVE-2025-47268

Description

ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.

Affected products

Iputils/Iputils
cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*
Range: <20250602

Patches

23b06385444f

https://github.com/iputils/iputilsvia osv

070cfacd7348

https://github.com/iputils/iputilsvia nvd-ref

commit

e61180538892

https://github.com/iputils/iputilsvia nvd-ref

PR #585

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6ae40nvdPatch
github.com/iputils/iputils/issues/584nvdExploitIssue TrackingPatch
github.com/iputils/iputils/pull/585nvdExploitIssue TrackingPatch
bugzilla.suse.com/show_bug.cginvdIssue Tracking
github.com/iputils/iputils/releases/tag/20250602nvdRelease Notes

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000