x/vulndb: potential Go vuln in github.com/elastic/beats/v7: GHSA-fj69-23m4-ccvv #4253
Description
Advisory GHSA-fj69-23m4-ccvv references a vulnerability in the following Go modules:
| Module |
|---|
| github.com/elastic/beats |
| github.com/elastic/beats/v2 |
| github.com/elastic/beats/v3 |
| github.com/elastic/beats/v4 |
| github.com/elastic/beats/v7 |
Description:
Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to denial-of-service in Packetbeat.
References:
- ADVISORY: GHSA-fj69-23m4-ccvv
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2025-68388
- FIX: elastic/beats@28cfc80
- WEB: https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177
Cross references:
- github.com/elastic/beats appears in 1 other report(s):
- data/reports/GO-2022-0643.yaml (x/vulndb: potential Go vuln in github.com/elastic/beats/packetbeat/protos/pgsql: GHSA-9q3g-m353-cp4p #643)
- github.com/elastic/beats/v7 appears in 1 other report(s):
- data/reports/GO-2023-2413.yaml (x/vulndb: potential Go vuln in github.com/elastic/beats: GHSA-hj4r-2c9c-29h3 #2413)
See doc/quickstart.md for instructions on how to triage this report.
id: GO-ID-PENDING
modules:
- module: github.com/elastic/beats
non_go_versions:
- introduced: 8.6.0
- fixed: 8.19.9
- introduced: 9.0.0
- fixed: 9.1.9
- introduced: 9.2.0
- fixed: 9.2.3
vulnerable_at: 6.8.23+incompatible
- module: github.com/elastic/beats/v2
- module: github.com/elastic/beats/v3
- module: github.com/elastic/beats/v4
- module: github.com/elastic/beats/v7
versions:
- fixed: 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e
vulnerable_at: 7.0.0-alpha2
summary: |-
Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via
Malicious IPv4 Fragments in github.com/elastic/beats
cves:
- CVE-2025-68388
ghsas:
- GHSA-fj69-23m4-ccvv
references:
- advisory: https://github.com/advisories/GHSA-fj69-23m4-ccvv
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-68388
- fix: https://github.com/elastic/beats/commit/28cfc80d2f4e80bfd1c72eb3f849d777751ab870
- web: https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177
notes:
- fix: 'github.com/elastic/beats/v2: could not add vulnerable_at: no fix, but could not find latest version from proxy: unexpected end of JSON input'
- fix: 'github.com/elastic/beats/v3: could not add vulnerable_at: no fix, but could not find latest version from proxy: unexpected end of JSON input'
- fix: 'github.com/elastic/beats/v4: could not add vulnerable_at: no fix, but could not find latest version from proxy: unexpected end of JSON input'
source:
id: GHSA-fj69-23m4-ccvv
created: 2025-12-20T18:04:40.280328197Z
review_status: UNREVIEWED