CVE-2026-48690
Publication date 26 May 2026
Last updated 27 May 2026
Ubuntu priority
Description
FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memory_size_in_bytes as 'buffer_size_in_packets * (max_captured_packet_size + sizeof(fastnetmon_pcap_pkthdr_t)) + sizeof(fastnetmon_pcap_file_header_t)' using unsigned int (32-bit) arithmetic. With max_captured_packet_size=1500 and sizeof(fastnetmon_pcap_pkthdr_t)=16, each packet requires approximately 1516 bytes. If buffer_size_in_packets exceeds approximately 2,832,542, the multiplication overflows, resulting in a much smaller allocation than expected. Subsequent write_packet() calls then write past the allocated buffer, causing heap corruption. The buffer_size_in_packets value is derived from the ban_details_records_count configuration parameter, which is parsed using atoi() with no overflow checking.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| fastnetmon | 26.04 LTS resolute |
Needs evaluation
|
| 25.10 questing |
Needs evaluation
|
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
Severity score breakdown
CVSS version: CVSS v3.0
Base score
7.1 · High
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2026-48690
- https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48690-packet-storage-integer-overflow
- https://github.com/pavel-odintsov/fastnetmon/commit/4606af43731055297063177263c0107b82ef8986
- https://github.com/pavel-odintsov/fastnetmon/pull/1056
- https://github.com/pavel-odintsov/fastnetmon
- https://github.com/pavel-odintsov/fastnetmon/blob/master/src/packet_storage.hpp