Medium severity6.5OSV Advisory· Published Jul 22, 2025· Updated Apr 15, 2026
CVE-2025-48964
CVE-2025-48964
Description
ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- osv-coords15 versionspkg:rpm/almalinux/iputilspkg:rpm/almalinux/iputils-ninfodpkg:rpm/opensuse/iputils&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/iputils&distro=SUSE%20Linux%20Micro%206.1
< 20210202-11.el9_6.3+ 14 more
- (no CPE)range: < 20210202-11.el9_6.3
- (no CPE)range: < 20210202-11.el9_6.3
- (no CPE)range: < 20221126-150500.3.14.1
- (no CPE)range: < s20161105-150000.8.14.1
- (no CPE)range: < s20161105-150000.8.14.1
- (no CPE)range: < 20211215-150400.3.22.1
- (no CPE)range: < 20211215-150400.3.22.1
- (no CPE)range: < 20221126-150500.3.14.1
- (no CPE)range: < 20221126-150500.3.14.1
- (no CPE)range: < 20221126-150500.3.14.1
- (no CPE)range: < 20211215-150400.3.22.1
- (no CPE)range: < 20211215-150400.3.22.1
- (no CPE)range: < s20161105-11.12.1
- (no CPE)range: < 20221126-6.1
- (no CPE)range: < 20221126-slfo.1.1_2.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.