{"id":"CVE-2025-47268","details":"ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.","modified":"2026-04-16T00:00:38.368680864Z","published":"2025-05-05T14:15:29.063Z","related":["ALSA-2025:9421","ALSA-2025:9432","SUSE-SU-2025:01771-1","SUSE-SU-2025:01776-1","SUSE-SU-2025:01776-2","SUSE-SU-2025:01777-1","SUSE-SU-2025:01779-1","SUSE-SU-2025:01779-2","SUSE-SU-2025:1771-1","SUSE-SU-2025:20380-1","SUSE-SU-2025:20442-1","openSUSE-SU-2025:15089-1"],"references":[{"type":"WEB","url":"https://github.com/iputils/iputils/releases/tag/20250602"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1242300"},{"type":"REPORT","url":"https://github.com/iputils/iputils/issues/584"},{"type":"REPORT","url":"https://github.com/iputils/iputils/pull/585"},{"type":"FIX","url":"https://github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6ae40"},{"type":"FIX","url":"https://github.com/iputils/iputils/issues/584"},{"type":"FIX","url":"https://github.com/iputils/iputils/pull/585"},{"type":"EVIDENCE","url":"https://github.com/Zephkek/ping-rtt-overflow/"},{"type":"EVIDENCE","url":"https://github.com/iputils/iputils/issues/584"},{"type":"EVIDENCE","url":"https://github.com/iputils/iputils/pull/585"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/iputils/iputils","events":[{"introduced":"0"},{"fixed":"070cfacd7348386173231fb16fad4983d4e6ae40"},{"introduced":"0"},{"fixed":"23b06385444fba29c898370ae6f297e41c11667b"}]}],"versions":["20210202","20210722","20211215","20221126","20231222","20240117","20240905","meson","remove-old-build-system","s20060425","s20060512","s20070202","s20071127","s20100214","s20100418","s20101006","s20121011","s20121106","s20121112","s20121114","s20121121","s20121125","s20121126","s20121205","s20121207","s20121221","s20140419","s20140420","s20140519","s20150815","s20160308","s20161105","s20180629","s20190324","s20190515","s20190709","s20200821","start"],"database_specific":{"vanir_signatures":[{"source":"https://github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6ae40","deprecated":false,"target":{"file":"ping/ping_common.c"},"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["311609702589764496770859550528270878315","28497292084892826627675934632952583372","60713663631829141220260644321170526286","151577356486398732567788510430629652296","60494942356459311149308968689729579046","16003559683473755032927480083512513436","197005416518773971239077807193597619486","162823849199209985527841084726358666624","135412890435703013626003745938000401079","181993326875409586635103301443409265044","53296244989008936503151032554208787934","17611392801909787359363245411369926561","136177144949063511213769809144470209664"]},"id":"CVE-2025-47268-11758788"},{"signature_type":"Function","deprecated":false,"target":{"function":"gather_statistics","file":"ping/ping_common.c"},"source":"https://github.com/iputils/iputils/commit/070cfacd7348386173231fb16fad4983d4e6ae40","signature_version":"v1","digest":{"length":3455,"function_hash":"105672088197061194410684573106350053523"},"id":"CVE-2025-47268-9da348d3"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-47268.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}]}