CVE-2025-11961

CVE-2025-11961 is a low-severity vulnerability with a CVSS 3.x base score of 1.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-122.

Key facts

Description

pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.

Frequently asked questions

What is CVE-2025-11961?
pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.
How severe is CVE-2025-11961?
CVE-2025-11961 has a CVSS 3.x base score of 1.9, rated low severity. It is exploitable over local access with high attack complexity, requires high privileges and no user interaction. Impact on confidentiality is none, integrity low, and availability none.
Is CVE-2025-11961 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (1st percentile), an estimate of the probability of exploitation in the next 30 days.
How do I fix CVE-2025-11961?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2025-11961 have an EU (EUVD) identifier?
Yes. CVE-2025-11961 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-205869.
When was CVE-2025-11961 published?
CVE-2025-11961 was published on 2025-12-31 and last updated on 2026-06-17.

References

Other CWE-122 (Heap-based Buffer Overflow) vulnerabilities

Browse all CWE-122 (Heap-based Buffer Overflow) vulnerabilities →