2426394 – (CVE-2025-11964) CVE-2025-11964 libpcap: libpcap: Data corruption via out-of-bounds write on Windows

Bug 2426394 (CVE-2025-11964) - CVE-2025-11964 libpcap: libpcap: Data corruption via out-of-bounds write on Windows

Summary: CVE-2025-11964 libpcap: libpcap: Data corruption via out-of-bounds write on W...

Keywords:
Status:	NEW
Alias:	CVE-2025-11964
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-12-31 02:01 UTC by OSIDB Bzimport
Modified:	2026-01-01 11:56 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-12-31 02:01:15 UTC

On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer.

Note You need to log in before you can comment on or make changes to this bug.