{"affected":[{"ecosystem_specific":{"binaries":[{"libpcap1":"1.10.4-slfo.1.1_2.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.1","name":"libpcap","purl":"pkg:rpm/suse/libpcap&distro=SUSE%20Linux%20Micro%206.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.10.4-slfo.1.1_2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libpcap fixes the following issues:\n\n- CVE-2025-11961: missing validation of provided MAC-48 address string in `pcap_ether_aton()` can lead to out-of-bounds\n  read and write (bsc#1255765).\n- CVE-2024-8006: missing return value check in `pcap_findalldevs_ex()` can lead to NULL pointer dereference\n  (bsc#1230034).\n- CVE-2023-7256: unclear value returned by  `sock_initaddress()` can lead to a double-free (bsc#1230020).\n","id":"SUSE-SU-2026:20064-1","modified":"2026-01-08T16:16:36Z","published":"2026-01-08T16:16:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-202620064-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230020"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230034"},{"type":"REPORT","url":"https://bugzilla.suse.com/1255765"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-7256"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8006"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-11961"}],"related":["CVE-2023-7256","CVE-2024-8006","CVE-2025-11961"],"summary":"Security update for libpcap","upstream":["CVE-2023-7256","CVE-2024-8006","CVE-2025-11961"]}