CVE-2025-11961 — LOW (1.9) — White Hats Nepal

Vulnerability Description

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

CVSS Score

1.9

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Related Weaknesses (CWE)

CWE-126 CWE-122

References

https://github.com/the-tcpdump-group/libpcap/commit/b2d2f9a9a0581c40780bde509f7c

FAQ

What is CVE-2025-11961?

CVE-2025-11961 is a vulnerability with a CVSS score of 1.9 (LOW). pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the sup...

How severe is CVE-2025-11961?

CVE-2025-11961 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-11961?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.