AZL-73335

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73335.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-73335

Upstream

CVE-2025-11961

Published

2025-12-31T01:15:54Z

Modified

2026-04-21T04:33:51.707643Z

Summary

CVE-2025-11961 affecting package libpcap for versions less than 1.10.6-1

Details

pcapetheraton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-11961

Affected packages

Azure Linux:3 / libpcap

Package

Name: libpcap
Purl: pkg:rpm/azure-linux/libpcap

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.10.6-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73335.json"