CVE-2025-68388
Aliases:GHSA-fj69-23m4-ccvvGO-2025-4253
Advisory lineage Upstream: 0 Downstream: 1
Downstream
Analyzed
Published: 18 Dec 2025, 21:33
Last modified:19 Dec 2025, 11:46
Vulnerability Summary
Overall Risk (default)
low
21/100 CVSS Score
5.3 MEDIUM
v3.1 (cve.org)
EPSS Score
0.13% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
18 Dec 2025, 21:33
Published
Vulnerability first disclosed
19 Dec 2025, 11:46
Last Modified
Vulnerability information updated
Description
Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.13%• Percentile: 32%
Techniques & Countermeasures
- CWE-770•Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Affected Systems
- elastic•packetbeat
≥ 8.6.0, ≤ 8.19.8 | ≥ 9.0.0, ≤ 9.1.8 | ≥ 9.2.0, ≤ 9.2.2
- elasticsearch•packetbeat
≥ 8.6.0, < 8.19.9 | ≥ 9.0.0, < 9.1.9 | ≥ 9.2.0, < 9.2.3
- github.com/elastic•beats
≥ 8.6.0, < 8.19.9 | ≥ 9.0.0, < 9.1.9 | ≥ 9.2.0, < 9.2.3 | all
- github.com/elastic/beats•v7
< 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e
References (5)
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177
- https://nvd.nist.gov/vuln/detail/CVE-2025-68388
- https://github.com/elastic/beats/commit/28cfc80d2f4e80bfd1c72eb3f849d777751ab870
- https://github.com/elastic/beats
- https://github.com/advisories/GHSA-fj69-23m4-ccvv