CVE-2025-11961 LOW

CVE-2025-11961: OOBR and OOBW in pcap_ether_aton() in libpcap

Vendor: The Tcpdump Group
Product: libpcap
Weakness: CWE-126
Published: December 31, 2025
Last update: January 2, 2026

CVSS base score

1.9/10
Attack vector: Local
Attack complexity: High
Privileges required: High
User interaction: None
Confidentiality: None
Integrity: Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01 Description

pcap_ether_aton() is an auxiliary function in libpcap. It takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.
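A caller-side guard for the requirement described above, as an added example that is not code from libpcap or from this record. The helper name `is_strict_mac48` is hypothetical, and the accepted form (six two-digit hex groups joined by one consistent `:` or `-`) is an assumed conservative subset of the supported formats, which this record does not enumerate.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper, not part of libpcap.
 * Returns 1 only if s is exactly "hh?hh?hh?hh?hh?hh" where h is a hex
 * digit and ? is one separator (':' or '-') used consistently.
 * Assumption: this strict form is among the formats libpcap supports.
 * The scan returns at the first unexpected byte, including an early NUL,
 * so it never reads past the end of the caller's string. */
int is_strict_mac48(const char *s)
{
    char sep = 0;

    if (s == NULL)
        return 0;
    for (size_t i = 0; i < 17; i++) {
        unsigned char c = (unsigned char)s[i];
        if (i % 3 != 2) {                 /* digit positions */
            if (!isxdigit(c))
                return 0;
        } else if (i == 2) {              /* first separator fixes the style */
            if (c != ':' && c != '-')
                return 0;
            sep = (char)c;
        } else if (c != (unsigned char)sep) {
            return 0;                     /* mixed or missing separator */
        }
    }
    return s[17] == '\0';                 /* reject trailing bytes */
}

int main(void)
{
    /* Constructed sample inputs, not taken from the record. */
    const char *samples[] = {
        "00:11:22:aa:BB:ff", "00-11-22-aa-bb-ff", "00:11-22:aa:bb:ff",
        "00:11:22:aa:bb", "0:1:2:3:4:5", "00:11:22:aa:bb:ff:00", ""
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s %s\n", samples[i],
               is_strict_mac48(samples[i]) ? "pass to pcap_ether_aton()"
                                           : "reject");
    return 0;
}
```

An application would call pcap_ether_aton() only on strings for which the helper returns 1 and treat everything else as invalid input.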

Key dates

02 Disclosure timeline

December 31, 2025 CVE published
January 2, 2026 Record updated