汇总 iputils 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出、拒绝服务与整数处理缺陷 等问题,部分漏洞可能导致 内存损坏,并影响 生产负载与软件部署 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-48964 | ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timesta | [email protected] | 6.5 | 0.31% | 2025-07-22 | 2026-06-17 |
| CVE-2025-47268 | ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. | [email protected] | 6.5 | 1.34% | 2025-05-05 | 2026-06-17 |
| CVE-2000-1214 | Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges. | [email protected] | 4.6 | 0.41% | 2000-10-18 | 2026-06-16 |
| CVE-2000-1213 | ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges. | [email protected] | 7.5 | 1.93% | 2000-10-18 | 2026-06-16 |