top of page
perceptive_background_267k.jpg

Packetbeat 8.19.9, 9.1.9, and 9.2.3 Security Update (ESA-2025-29)

Published:

18 december 2025 om 21:13:38

Alert date:

18 december 2025 om 22:04:21

Source:

discuss.elastic.co

Click to open the original link from this advisory

Packetbeat versions 7.x through 9.2.2 contain a resource allocation vulnerability (CVE-2025-68388) that allows unauthenticated remote attackers to cause denial-of-service through malicious IPv4 fragments. The vulnerability scores 7.5 (High) on CVSS and affects memory and CPU resources without proper limits or throttling. Fixed versions are available: 8.19.9, 9.1.9, and 9.2.3. The issue is classified as CWE-770 (Allocation of Resources Without Limits) and CAPEC-130 (Excessive Allocation).

Technical details

Mitigation steps:

Affected products:

Packetbeat

Related links:

https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page