Bug 34297 - iputils new security issue CVE-2025-47268
Summary: iputils new security issue CVE-2025-47268
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2025-05-21 10:43 CEST by Nicolas Salguero
Modified: 2025-05-29 13:49 CEST

See Also:
Source RPM: iputils-20221126-1.mga9.src.rpm
CVE: CVE-2025-47268
Status comment:


Nicolas Salguero 2025-05-21 10:44:21 CEST

Source RPM: (none) => iputils-20240905-1.mga10.src.rpm, iputils-20221126-1.mga9.src.rpm
Status comment: (none) => Patch available from upstream and Fedora
CVE: (none) => CVE-2025-47268
Whiteboard: (none) => MGA9TOO

Comment 1 Nicolas Salguero 2025-05-23 16:17:24 CEST
Suggested advisory:
========================

The updated packages fix a security vulnerability:

ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. (CVE-2025-47268)

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHFUD3TRXO7AHOVSFWLKP2MKB77PEQBK/
========================

Updated packages in core/updates_testing:
========================
iputils-20221126-1.1.mga9
iputils-ninfod-20221126-1.1.mga9

from SRPM:
iputils-20221126-1.1.mga9.src.rpm

Status comment: Patch available from upstream and Fedora => (none)
Whiteboard: MGA9TOO => (none)
Assignee: bugsquad => qa-bugs
Source RPM: iputils-20240905-1.mga10.src.rpm, iputils-20221126-1.mga9.src.rpm => iputils-20221126-1.mga9.src.rpm
Status: NEW => ASSIGNED
Version: Cauldron => 9
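
The overflow class named in the advisory in Comment 1, shown with its guard, as an added example that is not part of this bug report and is not the upstream iputils patch. It assumes a hypothetical `struct ts64` timestamp layout, a hypothetical helper `rtt_usec_checked`, and the GCC/Clang overflow builtins; all sample values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define USEC_PER_SEC 1000000
/* Hypothetical timestamp layout for this example: seconds and microseconds. */
struct ts64 {
    int64_t sec;
    int64_t usec;
};

/*
 * Round-trip time (now - echoed) in microseconds.
 * Returns 0 and stores the result in *rtt on success, -1 if the echoed
 * timestamp is malformed or any arithmetic step would overflow int64_t.
 */
int rtt_usec_checked(const struct ts64 *now, const struct ts64 *echoed,
                     int64_t *rtt)
{
    int64_t dsec, total;
    /* A well-formed timestamp has 0 <= usec < 1,000,000. */
    if (now->usec < 0 || now->usec >= USEC_PER_SEC ||
        echoed->usec < 0 || echoed->usec >= USEC_PER_SEC)
        return -1;
    /* The builtins report overflow instead of invoking undefined behaviour. */
    if (__builtin_sub_overflow(now->sec, echoed->sec, &dsec) ||
        __builtin_mul_overflow(dsec, (int64_t)USEC_PER_SEC, &total) ||
        __builtin_add_overflow(total, now->usec - echoed->usec, &total))
        return -1;
    /* Policy of this example: also reject a timestamp from the future. */
    if (total < 0)
        return -1;
    *rtt = total;
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from a real capture. */
    struct ts64 now = { 1748000000, 250000 };
    struct ts64 good = { 1748000000, 249630 };
    struct ts64 crafted = { INT64_MIN / 2, 0 };
    int64_t rtt = 0;

    if (rtt_usec_checked(&now, &good, &rtt) == 0)
        printf("valid reply: rtt=%lld us\n", (long long)rtt);
    if (rtt_usec_checked(&now, &crafted, &rtt) != 0)
        printf("crafted reply: timestamp rejected\n");
    return 0;
}
```

An unchecked `dsec * 1000000` on the constructed `crafted` value would exceed the int64_t range, which is undefined behaviour in C; the checked version returns an error so the caller can discard the sample instead of folding it into the statistics.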

katnatek 2025-05-23 20:11:56 CEST

Keywords: (none) => advisory

Comment 2 Thomas Andrews 2025-05-24 21:59:17 CEST
MGA9-64 Plasma. No installation issues. Tested with several pings:

[tom@localhost ~]$ ping localhost
PING localhost(localhost (::1)) 56 data bytes
64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from localhost (::1): icmp_seq=2 ttl=64 time=0.071 ms
64 bytes from localhost (::1): icmp_seq=3 ttl=64 time=0.069 ms
64 bytes from localhost (::1): icmp_seq=4 ttl=64 time=0.069 ms
64 bytes from localhost (::1): icmp_seq=5 ttl=64 time=0.069 ms
^C
--- localhost ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4025ms
rtt min/avg/max/mdev = 0.024/0.060/0.071/0.018 ms

Then my router (actual IP disguised):

[tom@localhost ~]$ ping XXX.YYY.ZZZ.1
PING XXX.YYY.ZZZ.1 (XXX.YYY.ZZZ.1) 56(84) bytes of data.
64 bytes from XXX.YYY.ZZZ.1: icmp_seq=1 ttl=64 time=0.370 ms
64 bytes from XXX.YYY.ZZZ.1: icmp_seq=2 ttl=64 time=0.334 ms
64 bytes from XXX.YYY.ZZZ.1: icmp_seq=3 ttl=64 time=0.424 ms
64 bytes from XXX.YYY.ZZZ.1: icmp_seq=4 ttl=64 time=0.417 ms
^C
--- XXX.YYY.ZZZ.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3025ms
rtt min/avg/max/mdev = 0.334/0.386/0.424/0.036 ms

A network device that was powered off:

[tom@localhost ~]$ ping XXX.YYY.ZZZ.141
PING XXX.YYY.ZZZ.141 (XXX.YYY.ZZZ.141) 56(84) bytes of data.
From XXX.YYY.ZZZ.118 icmp_seq=1 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=2 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=3 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: No route to host
From XXX.YYY.ZZZ.118 icmp_seq=5 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=6 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=8 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=9 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=10 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=11 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=12 Destination Host Unreachable
From XXX.YYY.ZZZ.118 icmp_seq=13 Destination Host Unreachable
^C
--- XXX.YYY.ZZZ.141 ping statistics ---
16 packets transmitted, 0 received, +12 errors, 100% packet loss, time 15121ms
pipe 4

And one that was powered up:

[tom@localhost ~]$ ping XXX.YYY.ZZZ.124
PING XXX.YYY.ZZZ.124 (XXX.YYY.ZZZ.124) 56(84) bytes of data.
64 bytes from XXX.YYY.ZZZ.124: icmp_seq=1 ttl=255 time=0.345 ms
64 bytes from XXX.YYY.ZZZ.124: icmp_seq=2 ttl=255 time=0.200 ms
64 bytes from XXX.YYY.ZZZ.124: icmp_seq=3 ttl=255 time=0.198 ms
64 bytes from XXX.YYY.ZZZ.124: icmp_seq=4 ttl=255 time=0.201 ms
64 bytes from XXX.YYY.ZZZ.124: icmp_seq=5 ttl=255 time=0.193 ms
^C
--- XXX.YYY.ZZZ.124 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4040ms
rtt min/avg/max/mdev = 0.193/0.227/0.345/0.058 ms

And finally my favorite search engine:

[tom@localhost ~]$ ping duckduckgo.com
PING duckduckgo.com (52.149.246.39) 56(84) bytes of data.
64 bytes from 52.149.246.39 (52.149.246.39): icmp_seq=1 ttl=113 time=27.0 ms
64 bytes from 52.149.246.39 (52.149.246.39): icmp_seq=2 ttl=113 time=28.1 ms
^C64 bytes from 52.149.246.39: icmp_seq=3 ttl=113 time=26.6 ms

--- duckduckgo.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 10115ms
rtt min/avg/max/mdev = 26.590/27.244/28.109/0.637 ms

Looks OK to me.

CC: (none) => andrewsfarm
Whiteboard: (none) => MGA9-64-OK

Comment 3 Thomas Andrews 2025-05-24 22:00:16 CEST
Validating.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 4 Mageia Robot 2025-05-25 01:26:51 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0163.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED

Comment 5 Mary Decker 2025-05-29 09:46:38 CEST Comment hidden (spam)

CC: (none) => kindrabernier

Nicolas Salguero 2025-05-29 13:49:25 CEST

CC: kindrabernier => (none)

