Debian Iputils vulnerabilities

CVE-2025-48964 [MEDIUM] CVE-2025-48964: iputils - ping in iputils before 20250602 allows a denial of service (application error in... ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE

CVE-2025-47268 [MEDIUM] CVE-2025-47268: iputils - ping in iputils before 20250602 allows a denial of service (application error or... ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. Scope: local bookworm: open bullseye: open forky: resolved (fixed in 3:20250605-1) sid: resolved (fixed in 3:20250605-1) trixie: open

CVE-2010-2529 [MEDIUM] CVE-2010-2529: inetutils - Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and... Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response. Scope: local bookworm: resolved (fixed in 2:1.9-2) bullseye: resolved (fixed in 2:1.9-2) forky: resolved (fixed in 2:1.9-2) sid: resolved (fixed in 2:1.9-2) trixie: reso