CNNVD-202601-4852 Information

CNNVD ID

CNNVD-202601-4852

Related CVE

CVE-2026-25061

• CNNVD Published: 2026-01-29

Description (Chinese)

TCPFLOW是Simson L. Garfinkel个人开发者的一个TCP/IP数据包解复用器。 TCPFLOW 1.61及之前版本存在缓冲区错误漏洞，该漏洞源于wifipcap在处理TIM元素时对错误字段进行长度检查，可能导致越界写入和拒绝服务。

Description (English)

TCPFLOW is a TCP/IP package fixer for Simson L. Garfinkel ’ s personal developer. TCPFLOW 1.61 and earlier versions had an error loophole in the buffer zone, which stemmed from the length check of error fields in the processing of TIM elements by wifipcap, which could lead to cross-border writing and denial of services.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

个人开发者

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/simsong/tcpflow/security/advisories/GHSA-q5q6-frrv-9rj6 https://access.redhat.com/security/cve/cve-2026-25061