Libpcap Buffer Overflow Vulnerability in UTF-8 Conversion on Windows

Vulnerability

A buffer overflow vulnerability has been identified in libpcap, specifically on Windows systems. The issue arises when libpcap attempts to convert a Windows error message to UTF-8. If the message contains characters that UTF-8 encodes using four bytes, the function 'utf_16le_to_utf_8_truncated()' can inadvertently write beyond the end of the allocated buffer. This vulnerability affects libpcap versions prior to 1.10.6.

Impact

Exploitation of this vulnerability can lead to a buffer overflow, which may allow for arbitrary code execution or cause a denial-of-service condition.

Remediation

Users can upgrade to libpcap version 1.10.6 or later to address this vulnerability.

Added: Dec 31, 2025, 1:18 AM
Updated: Dec 31, 2025, 1:18 AM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 0.6
exploitability: 3.5
remediation: 7.7
relevance: 1.8
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.