Bug 34939 - libpcap new security issue CVE-2025-11961
Summary: libpcap new security issue CVE-2025-11961
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2026-01-06 13:23 CET by Nicolas Salguero
Modified: 2026-01-10 06:08 CET (History)
3 users (show)

See Also:
Source RPM: libpcap-1.10.5-1.mga9.src.rpm
CVE: CVE-2025-11961
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Nicolas Salguero 2026-01-06 13:24:37 CET

Source RPM: (none) => libpcap-1.10.5-1.mga9.src.rpm
CVE: (none) => CVE-2025-11961
Status comment: (none) => Fixed upstream in 1.10.6

Comment 1 Nicolas Salguero 2026-01-06 13:31:06 CET 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

OOBR and OOBW in pcap_ether_aton() in libpcap. (CVE-2025-11961)

References:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.355202
========================

Updated packages in core/updates_testing:
========================
lib(64)pcap1-1.10.6-1.mga9
lib(64)pcap-devel-1.10.6-1.mga9
libpcap-doc-1.10.6-1.mga9

from SRPM:
libpcap-1.10.6-1.mga9.src.rpm

Assignee: bugsquad => qa-bugs
Status: NEW => ASSIGNED
Status comment: Fixed upstream in 1.10.6 => (none)

Comment 2 Herman Viaene 2026-01-06 18:15:30 CET 
M9 server Plasma Wayland on Compaq H000SB
No installation issues.
Ref bug 31358 Comment 3

# tcpdump -i wlo1 -nn -s0 -v
tcpdump: listening on wlo1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
18:12:29.484912 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 
        0x0000:  0000 a000 b052 1c22 f477 0000 0000 0000  .....R.".w......
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:29.485963 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 
        0x0000:  0170 a000 0000 1f84 22a3 97a2 5553 bef1  .p......"...US..
        0x0010:  fcf9 796b 5214 13e9 e200 0000 0000 0000  ..ykR...........
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:30.973707 IP (tos 0x0, ttl 255, id 28667, offset 0, flags [none], proto UDP (17), length 66)
    192.168.2.15.5353 > 224.0.0.251.5353: 41621+ ANY (QM)? HP842AFD9852FF.local. (38)
18:12:30.973849 IP6 (hlim 255, next-header UDP (17) payload length: 46) fe80::3631:c4ff:fe80:a9b4.5353 > ff02::fb.5353: [udp sum ok] 41621+ ANY (QM)? HP842AFD9852FF.local. (38)
18:12:30.977219 IP (tos 0x0, ttl 255, id 28668, offset 0, flags [none], proto UDP (17), length 57)
    192.168.2.15.5353 > 224.0.0.251.5353: 60689+ ANY (QM)? mach3.local. (29)
18:12:30.977326 IP6 (hlim 255, next-header UDP (17) payload length: 37) fe80::3631:c4ff:fe80:a9b4.5353 > ff02::fb.5353: [udp sum ok] 60689+ ANY (QM)? mach3.local. (29)
18:12:30.977413 IP6 (hlim 255, next-header UDP (17) payload length: 37) fe80::3631:c4ff:fe80:a9b4.5353 > ff02::fb.5353: [udp sum ok] 799+ AAAA (QM)? mach1.local. (29)
18:12:30.977456 IP (tos 0x0, ttl 255, id 28669, offset 0, flags [none], proto UDP (17), length 57)
    192.168.2.15.5353 > 224.0.0.251.5353: 873+ ANY (QM)? mach1.local. (29)
18:12:30.977527 IP6 (hlim 255, next-header UDP (17) payload length: 37) fe80::3631:c4ff:fe80:a9b4.5353 > ff02::fb.5353: [udp sum ok] 873+ ANY (QM)? mach1.local. (29)
18:12:30.978014 IP (tos 0x0, ttl 255, id 7532, offset 0, flags [DF], proto UDP (17), length 95)
    192.168.2.3.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 mach3.local. (Cache flush) AAAA fd00::baee:65ff:fe09:660c, mach3.local. (Cache flush) A 192.168.2.3 (67)
18:12:30.978234 IP (tos 0x0, ttl 255, id 51210, offset 0, flags [DF], proto UDP (17), length 67)
    192.168.2.1.5353 > 224.0.0.251.5353: 0*- [0q] 1/0/0 mach1.local. (Cache flush) A 192.168.2.1 (39)
18:12:31.061846 IP (tos 0x0, ttl 255, id 51366, offset 0, flags [DF], proto UDP (17), length 152)
    192.168.2.27.5353 > 224.0.0.251.5353: 0*- [0q] 3/0/1 HP842AFD9852FF.local. (Cache flush) A 192.168.2.27, HP842AFD9852FF.local. (Cache flush) AAAA fe80::862a:fdff:fe98:52ff, HP842AFD9852FF.local. (Cache flush) AAAA fd00::862a:fdff:fe98:52ff (124)
18:12:31.063914 IP6 (flowlabel 0x270d9, hlim 255, next-header UDP (17) payload length: 132) fe80::862a:fdff:fe98:52ff.5353 > ff02::fb.5353: [udp sum ok] 0*- [0q] 3/0/1 HP842AFD9852FF.local. (Cache flush) A 192.168.2.27, HP842AFD9852FF.local. (Cache flush) AAAA fe80::862a:fdff:fe98:52ff, HP842AFD9852FF.local. (Cache flush) AAAA fd00::862a:fdff:fe98:52ff (124)
18:12:31.485839 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 
        0x0000:  0000 a000 b052 1c22 f477 0000 0000 0000  .....R.".w......
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:31.486850 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 
        0x0000:  0170 a000 0000 1f84 22a3 97a2 5553 bef1  .p......"...US..
        0x0010:  fcf9 796b 5214 13e9 e200 0000 0000 0000  ..ykR...........
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:33.486429 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 
        0x0000:  0000 a000 b052 1c22 f477 0000 0000 0000  .....R.".w......
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:33.487354 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 
        0x0000:  0170 a000 0000 1f84 22a3 97a2 5553 bef1  .p......"...US..
        0x0010:  fcf9 796b 5214 13e9 e200 0000 0000 0000  ..ykR...........
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:33.517004 EAPOL key (3) v2, len 127
18:12:33.521732 EAPOL key (3) v1, len 95
18:12:35.487940 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 
        0x0000:  0000 a000 b052 1c22 f477 0000 0000 0000  .....R.".w......
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:35.488930 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 
        0x0000:  0170 a000 0000 1f84 22a3 97a2 5553 bef1  .p......"...US..
        0x0010:  fcf9 796b 5214 13e9 e200 0000 0000 0000  ..ykR...........
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:37.488427 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 
        0x0000:  0000 a000 b052 1c22 f477 0000 0000 0000  .....R.".w......
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
18:12:37.489456 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 
        0x0000:  0170 a000 0000 1f84 22a3 97a2 5553 bef1  .p......"...US..
        0x0010:  fcf9 796b 5214 13e9 e200 0000 0000 0000  ..ykR...........
        0x0020:  0000 0000 0000 0000 0000 0000 0000       ..............
^C
23 packets captured
23 packets received by filter
0 packets dropped by kernel

Looks sensible

Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene

katnatek 2026-01-06 19:40:44 CET

Keywords: (none) => advisory

Comment 3 Thomas Andrews 2026-01-10 01:46:38 CET 
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 4 Mageia Robot 2026-01-10 06:08:58 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2026-0005.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.