This issue has been reproduced with ICMP Destination Unreachable types 13 (Communication Administratively Prohibited) and type 0 (Net Unreachable) messages. Other Destination Unreachable messages may also be affected.
Thanks so much for this critical bug report! We recently added a new check
for ICMP messages which calls the icmpid() function, but we didn't add a
corresponding check to be sure that function was safe to call. Would you be
able to apply the attached patch and let us know if it solves the issue?
The version I pulled from the github repo says "Nmap 6.47SVN". Is that OK?
I applied the patch to the tarball published on the website as Nmap-6.49BETA1 and the cloned github repo and compiled both. (just to be sure)