CVE-2025-48964
Linux Ubuntu vulnerability analysis and mitigation

Overview

CVE-2025-48964 affects the ping utility in iputils before version 20250602. The vulnerability is an integer overflow that occurs when processing ICMP Echo Reply packets with zero timestamps in adaptive ping mode. This issue exists as an incomplete fix for CVE-2025-47268, where the original fix only addressed timestamp calculations but did not account for scenarios where the original timestamp in the ICMP payload is zero (NVD, SUSE).

Technical details

The vulnerability occurs in the ping statistics calculations when processing ICMP Echo Reply packets. When a packet with a zero timestamp is received, the computed round-trip time becomes a very large intermediate value, and squaring that value during the statistics calculations overflows the integer type used. The issue manifests in the gather_statistics() and finish() functions within ping_common.c. The CVSS v3.1 base score is 6.5 (Medium) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L (NVD, GitHub Advisory).

Impact

The vulnerability can lead to corruption of network diagnostics data and potential denial of service in adaptive ping mode. When exploited, it can cause ping to report incorrect statistics, including negative packet loss values and corrupted RTT (Round Trip Time) calculations. This particularly affects systems using ping's adaptive mode (-A flag), where the corrupted RTT values can completely break timing calculations (GitHub Advisory).

Mitigation and workarounds

The vulnerability has been fixed in iputils version 20250602. The fix involves modifying the RTT calculation to prevent integer overflow by using uint64_t for RTT values and adding proper type casting. Users are advised to upgrade to this version or later. The fix was implemented through commit afa36390394a6e0cceba03b52b59b6d41710608c (GitHub Release, GitHub Commit).
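As an added illustration of the overflow described above and of the overflow-safe arithmetic the fix relies on, the following is a constructed C model, not iputils' own code: the statistics struct, the microseconds-since-epoch timestamp convention and the 60-second plausibility ceiling are assumptions, and the overflow checks use the GCC/Clang `__builtin_*_overflow` builtins.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed model of the per-reply statistics ping accumulates (illustrative, not
 * iputils' own code). Timestamps are assumed to be microseconds since the epoch. */
struct rtt_stats {
    uint64_t n;      /* replies counted */
    uint64_t tsum;   /* sum of RTTs, microseconds */
    uint64_t tsum2;  /* sum of squared RTTs, feeds the mdev calculation */
};
#define MAX_PLAUSIBLE_RTT_US (60ULL * 1000 * 1000)   /* assumed ceiling: 60 seconds */

/* Vulnerable pattern: trusts the payload timestamp and squares the RTT unchecked. A zero
 * timestamp makes the RTT "microseconds since 1970" (~1.7e15), whose square exceeds 2^64.
 * Unsigned wrap keeps the demo well-defined; with signed types it is undefined behaviour. */
static void gather_vulnerable(struct rtt_stats *st, uint64_t now_us, uint64_t payload_ts_us)
{
    uint64_t triptime = now_us - payload_ts_us;
    st->n++;
    st->tsum += triptime;
    st->tsum2 += triptime * triptime;   /* wraps once triptime exceeds ~4.29e9 us */
}

/* Hardened pattern: drop samples with a missing or implausible timestamp and fail closed
 * on any arithmetic overflow (GCC/Clang builtins). Returns false when the sample is dropped. */
static bool gather_hardened(struct rtt_stats *st, uint64_t now_us, uint64_t payload_ts_us)
{
    uint64_t triptime, sq, tsum, tsum2;
    if (payload_ts_us == 0 || payload_ts_us > now_us)
        return false;                   /* zero or future timestamp: not a usable RTT */
    triptime = now_us - payload_ts_us;
    if (triptime > MAX_PLAUSIBLE_RTT_US)
        return false;
    if (__builtin_mul_overflow(triptime, triptime, &sq) ||
        __builtin_add_overflow(st->tsum, triptime, &tsum) ||
        __builtin_add_overflow(st->tsum2, sq, &tsum2))
        return false;                   /* leave the accumulators untouched */
    st->n++; st->tsum = tsum; st->tsum2 = tsum2;
    return true;
}

int main(void)
{
    struct rtt_stats bad = {0}, good = {0};
    uint64_t now = 1750000000000000ULL;   /* constructed: mid-2025, in microseconds */
    gather_vulnerable(&bad, now, 0);      /* reply whose payload timestamp is zero */
    printf("vulnerable tsum2=%llu (wrapped), hardened kept zero-ts sample: %d\n",
           (unsigned long long)bad.tsum2, gather_hardened(&good, now, 0));
    return 0;
}
```

For a single sane sample, tsum2 / tsum equals tsum exactly; after the zero-timestamp reply the wrapped tsum2 no longer satisfies that relation, which is the corrupted-mdev symptom the advisory describes.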

This report was generated using AI.