The Tcpdump Group Libpcap vulnerabilities

5 known vulnerabilities affecting the_tcpdump_group/libpcap.

Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 1, LOW 2

Vulnerabilities

CVE-2025-11964 | LOW | CVSS 1.9 | ≥ 1.10.0, < 1.10.6 | 2025-12-31
CVE-2025-11964 [LOW] CWE-787: On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer.
cvelistv5, nvd
CVE-2025-11961 | LOW | CVSS 1.9 | fixed in 1.10.6 | 2025-12-31
CVE-2025-11961 [LOW] CWE-122: pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected form
cvelistv5, nvd
CVE-2024-8006 | MEDIUM | CVSS 4.4 | v1.9.x; ≥ 1.10.x, ≤ 1.10.4 | 2024-08-31
CVE-2024-8006 [MEDIUM] CWE-476: Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be us
cvelistv5, nvd
CVE-2023-7256 | CRITICAL | CVSS 9.8 | v1.8.x, v1.9.x, +1 more | 2024-08-30
CVE-2023-7256 [CRITICAL] CWE-415: Double-free in libpcap before 1.10.5 with remote packet capture support. In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in
cvelistv5
CVE-2023-40400 | CRITICAL | CVSS 9.8 | v1.8.x, v1.9.x, +1 more | 2023-09-27
CVE-2023-40400 [CRITICAL] CWE-415: This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution.
nvd