Nixpkgs security tracker

Untriaged

Permalink CVE-2025-47268

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 2 months, 3 weeks ago

ping in iputils through 20240905 allows a denial of service …

ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.

References

https://github.com/iputils/iputils/issues/584
https://github.com/Zephkek/ping-rtt-overflow/ exploit
https://bugzilla.suse.com/show_bug.cgi?id=1242300
https://github.com/iputils/iputils/pull/585
https://github.com/iputils/iputils/releases/tag/20250602
https://github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6a…

Affected products

iputils

=<20240905
<20250602

Matching in nixpkgs

pkgs.iputils

Set of small useful utilities for Linux networking

nixos-unstable 20250605
- nixpkgs-unstable 20250605
- nixos-unstable-small 20250605
nixos-25.11 20250605
- nixpkgs-25.11-darwin 20250605

pkgs.unixtools.ping

None

nixos-unstable 20250605
- nixpkgs-unstable 20250605
- nixos-unstable-small 20250605
nixos-25.11 20250605
- nixpkgs-25.11-darwin 20250605

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.iputils

pkgs.unixtools.ping