Memory Corruption Vulnerability in libpcap Affecting TCPDump
CVE-2025-11961

1.9LOW

Key Information:

Vendor: The Tcpdump Group
Status: Libpcap
Vendor: CVE Published:; 31 December 2025

🔔 Create The Tcpdump Group Vulnerability Alert

What is CVE-2025-11961?

The vulnerable pcap_ether_aton() function in libpcap mishandles input strings, which may lead to memory corruption. When an application passes an improperly formatted MAC-48 address, the function may inadvertently read or write data outside of intended memory bounds. This issue, stemming from poor documentation of input requirements, poses a risk of unintended data manipulation and potential data leaks. Users are advised to apply the latest patches as specified in the referenced GitHub commit to mitigate these vulnerabilities.

Affected Version(s)

libpcap 0 < 1.10.6

References

https://github.com/the-tcpdump-group/libpcap/commit/b2d2f...

patch

CVSS V3.1

Score:

1.9

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2025
Vulnerability Reserved
Oct 20, 2025

Credit

Jin Wei

Kunwei Qian

Ping Chen

CVE-2025-11961 Data

JSON