Headline
GHSA-fj69-23m4-ccvv: Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments
Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to denial-of-service in Packetbeat.
Skip to content
Navigation Menu
AI CODE CREATION
GitHub CopilotWrite better code with AI
GitHub SparkBuild and deploy intelligent apps
GitHub ModelsManage and compare prompts
MCP RegistryNewIntegrate external tools
View all features
- Pricing
Provide feedback
Saved searches****Use saved searches to filter your results more quickly
Sign up
Appearance settings
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2025-68388
Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments
High severity GitHub Reviewed Published Dec 19, 2025 to the GitHub Advisory Database • Updated Dec 20, 2025
Package
gomod github.com/elastic/beats (Go)
Affected versions
>= 8.6.0, < 8.19.9
>= 9.0.0, < 9.1.9
>= 9.2.0, < 9.2.3
Patched versions
8.19.9
9.1.9
9.2.3
gomod github.com/elastic/beats/v7 (Go)
< 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e
7.0.0-alpha2.0.20251209162832-28cfc80d2f4e
Description
Published to the GitHub Advisory Database
Dec 19, 2025
Last updated
Dec 20, 2025