Source: tcpdump
Version: 4.9.3~git20190901-2
Severity: important
Tags: security upstream
Control: found -1 4.9.2-3
Control: found -1 4.9.2-1~deb9u1
Control: found -1 4.9.2-1

Hi,

The following vulnerabilities were published for tcpdump.

CVE-2018-10103[0]:
| tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of
| 2).


CVE-2018-10105[1]:
| tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of
| 2).


CVE-2018-14461[2]:
| The LDP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-ldp.c:ldp_tlv_print().


CVE-2018-14462[3]:
| The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-icmp.c:icmp_print().


CVE-2018-14463[4]:
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-vrrp.c:vrrp_print().


CVE-2018-14464[5]:
| The LMP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-lmp.c:lmp_print_data_link_subobjs().


CVE-2018-14465[6]:
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-rsvp.c:rsvp_obj_print().


CVE-2018-14466[7]:
| The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-
| rx.c:rx_cache_find() and rx_cache_insert().


CVE-2018-14467[8]:
| The BGP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).


CVE-2018-14468[9]:
| The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in
| print-fr.c:mfr_print().


CVE-2018-14469[10]:
| The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in
| print-isakmp.c:ikev1_n_print().


CVE-2018-14470[11]:
| The Babel parser in tcpdump before 4.9.3 has a buffer over-read in
| print-babel.c:babel_print_v2().


CVE-2018-14879[12]:
| The command-line argument parser in tcpdump before 4.9.3 has a buffer
| overflow in tcpdump.c:get_next_file().


CVE-2018-14880[13]:
| The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in
| print-ospf6.c:ospf6_print_lshdr().


CVE-2018-14881[14]:
| The BGP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).


CVE-2018-14882[15]:
| The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in
| print-icmp6.c.


CVE-2018-16227[16]:
| The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read
| in print-802_11.c for the Mesh Flags subfield.


CVE-2018-16228[17]:
| The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-hncp.c:print_prefix().


CVE-2018-16229[18]:
| The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-dccp.c:dccp_print_option().


CVE-2018-16230[19]:
| The BGP parser in tcpdump before 4.9.3 has a buffer over-read in
| print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).


CVE-2018-16300[20]:
| The BGP parser in tcpdump before 4.9.3 allows stack consumption in
| print-bgp.c:bgp_attr_print() because of unlimited recursion.


CVE-2018-16451[21]:
| The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-
| smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.


CVE-2018-16452[22]:
| The SMB parser in tcpdump before 4.9.3 has stack exhaustion in
| smbutil.c:smb_fdata() via recursion.


CVE-2019-15166[23]:
| lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3
| lacks certain bounds checks.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-10103
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
[1] https://security-tracker.debian.org/tracker/CVE-2018-10105
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
[2] https://security-tracker.debian.org/tracker/CVE-2018-14461
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
[3] https://security-tracker.debian.org/tracker/CVE-2018-14462
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
[4] https://security-tracker.debian.org/tracker/CVE-2018-14463
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
[5] https://security-tracker.debian.org/tracker/CVE-2018-14464
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
[6] https://security-tracker.debian.org/tracker/CVE-2018-14465
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
[7] https://security-tracker.debian.org/tracker/CVE-2018-14466
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
[8] https://security-tracker.debian.org/tracker/CVE-2018-14467
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
[9] https://security-tracker.debian.org/tracker/CVE-2018-14468
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
[10] https://security-tracker.debian.org/tracker/CVE-2018-14469
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
[11] https://security-tracker.debian.org/tracker/CVE-2018-14470
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
[12] https://security-tracker.debian.org/tracker/CVE-2018-14879
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
[13] https://security-tracker.debian.org/tracker/CVE-2018-14880
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
[14] https://security-tracker.debian.org/tracker/CVE-2018-14881
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
[15] https://security-tracker.debian.org/tracker/CVE-2018-14882
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
[16] https://security-tracker.debian.org/tracker/CVE-2018-16227
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
[17] https://security-tracker.debian.org/tracker/CVE-2018-16228
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
[18] https://security-tracker.debian.org/tracker/CVE-2018-16229
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
[19] https://security-tracker.debian.org/tracker/CVE-2018-16230
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
[20] https://security-tracker.debian.org/tracker/CVE-2018-16300
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
[21] https://security-tracker.debian.org/tracker/CVE-2018-16451
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
[22] https://security-tracker.debian.org/tracker/CVE-2018-16452
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
[23] https://security-tracker.debian.org/tracker/CVE-2019-15166
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply via email to