Fedora 43 tcpflow Experiences Low Out Of Band Write CVE-2026-25061 Advisory
fedora
April 4, 2026
The update fixes CVS-2026-25061
Summary
tcpflow is a program that captures data transmitted as part of TCP
connections (flows), and stores the data in a way that is convenient
for protocol analysis or debugging. A program like 'tcpdump' shows a
summary of packets seen on the wire, but usually doesn't store the
data that's actually being transmitted. In contrast, tcpflow
reconstructs the actual data streams and stores each flow in a
separate file for later analysis.
Update Information:
The update fixes CVS-2026-25061
Topics Covered
Change Log
* Thu Mar 26 2026 Terje Rsten
References
[ 1 ] Bug #2435430 - CVE-2026-25061 tcpflow: tcpflow TIM Element OOB Write [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=2435430
[ 2 ] Bug #2435431 - CVE-2026-25061 tcpflow: tcpflow TIM Element OOB Write [epel-9]
https://bugzilla.redhat.com/show_bug.cgi?id=2435431
[ 3 ] Bug #2435432 - CVE-2026-25061 tcpflow: tcpflow TIM Element OOB Write [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2435432
[ 4 ] Bug #2435433 - CVE-2026-25061 tcpflow: tcpflow TIM Element OOB Write [fedora-43]
https://bugzilla.redhat.com/show_bug.cgi?id=2435433
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-4398680e1a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Name: tcpflow
Product: Fedora 43
Version: 1.6.2
Release: 0.1.8d47b53.fc43
Summary: Network traffic recorder
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!