-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4478-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini February 10, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : tcpflow Version : 1.5.2+repack1-1+deb11u1 CVE ID : CVE-2026-25061 Debian Bug : #1126695 A bug has been found in the tcpflow package: a wrong length check in the 802.11 management frame parser allows a crafted frame with a large TIM length to cause an out-of-bounds write, resulting in a DoS and potentially in code execution. For Debian 11 bullseye, this problem has been fixed in version 1.5.2+repack1-1+deb11u1. We recommend that you upgrade your tcpflow packages. For the detailed security status of tcpflow please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tcpflow Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- wsC7BAEBCgBvBYJpi4GgCRDWWGGIPgFNuUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmeqsEOAzr1i08JsIvsTsQmBP4dN4+I1RfSSB+pCjqZX 3BYhBFYa1YXu12aSG6jdltZYYYg+AU25AADZOQgAk/thkZvBmUQqUj4OzAGAcR84 5nmqVUzQe2vlcCacTd1esAiMfP1msgj4H8v9tiuYoXqCED8Dgb5X7kGjZc5eKCYO FJHR9GSavAhzZUdbdZRCasaSqqfv0gazH37Zq0UKzf1B8VvU/hhZtqW+gTW18vpb sy4BFoZF2hz9qH6BDk4WAeL6q9q7RKN6x4trKGLvx3kIC/tAcvEM6dghmnG78K63 y7034DhSe0uq9ybgE+neaZ1Q1UnNaPqRGt/5iTbacMciqNadKppm3AavOEmvCQxx Zo/qMaSS4EuwzuVssda+RS5Q3k0MSv1HgaUTfxI3Wp9pvPjTfMWjzqG0edLgqg== =NU8r -----END PGP SIGNATURE-----
