CVE-2026-25061
Off-by-One Buffer Overflow in tcpflow wifipcap Causes DoS
Publication date: 2026-01-29
Last updated on: 2026-02-25
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| digitalcorpora | tcpflow | to 1.6.1 (inc) |
| debian | debian_linux | 11.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in wifipcap versions up to 1.61, where the software incorrectly performs a length check on the wrong field when parsing the TIM element of 802.11 management frames. A specially crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past the buffer tim.bitmap[251], leading to a small buffer overflow on the stack.
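The bug class described above, as an added C example that is not tcpflow or wifipcap source code: a model of a bound checked on the wrong field next to a parser that bounds the length it actually copies. The struct layout, function names and sample frame are assumptions for illustration; only the bitmap size of 251 comes from the advisory, and the three fixed TIM bytes follow the 802.11 element layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TIM_FIXED 3        /* DTIM count, DTIM period, bitmap control */
#define TIM_BITMAP_MAX 251 /* size of tim.bitmap[] given in the advisory */

/* Illustrative layout (assumed); not copied from tcpflow/wifipcap. */
struct tim_elem {
    uint8_t id, length, count, period, bitmap_ctrl;
    uint8_t bitmap[TIM_BITMAP_MAX];
};

/* Models the flawed pattern without copying anything: the bound is tested on
 * another element's length (other_len), so the TIM copy size goes unchecked.
 * Returns how many bytes would land past bitmap[] (0 means in bounds). */
size_t flawed_overrun(uint8_t tim_len, uint8_t other_len)
{
    if (tim_len <= TIM_FIXED) return 0;
    if (other_len > TIM_BITMAP_MAX) return 0;   /* wrong field checked */
    size_t n = (size_t)tim_len - TIM_FIXED;
    return n > TIM_BITMAP_MAX ? n - TIM_BITMAP_MAX : 0;
}

/* Hardened parse. buf points at the element header: id, length, body.
 * Returns 0 on success, -1 if the element is truncated or oversized. */
int parse_tim(const uint8_t *buf, size_t avail, struct tim_elem *out)
{
    if (avail < 2) return -1;
    uint8_t len = buf[1];
    if (len < TIM_FIXED || (size_t)len + 2 > avail) return -1;
    size_t n = (size_t)len - TIM_FIXED;
    if (n > sizeof out->bitmap) return -1;      /* bound the length used */
    memset(out, 0, sizeof *out);
    out->id = buf[0];
    out->length = len;
    out->count = buf[2];
    out->period = buf[3];
    out->bitmap_ctrl = buf[4];
    memcpy(out->bitmap, buf + 5, n);
    return 0;
}

int main(void)
{
    uint8_t frame[257] = { 5, 255 };            /* constructed: TIM id 5, length 255 */
    struct tim_elem t;
    return (flawed_overrun(255, 8) == 1 && parse_tim(frame, sizeof frame, &t) == -1) ? 0 : 1;
}
```

The check that matters is the one on `n`, the same value passed to `memcpy`; a bound on any other field leaves the copy size attacker-controlled.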
How can this vulnerability impact me?
The primary impact of this vulnerability is a denial of service (DoS) due to the out-of-bounds write. While code execution is theoretically possible, it is uncertain. The overflow is small and affects a stack-allocated structure, which may cause the application to crash or behave unexpectedly.
What immediate steps should I take to mitigate this vulnerability?
As of the time of publication, no known patches are available. Immediate mitigation steps are not specified in the provided information.