Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-12995
Vulnerability from cvelistv5
Published
2017-09-14 06:00
Modified
2024-08-05 18:51
Severity ?
EPSS score ?
Summary
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:51:07.512Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201709-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201709-23" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT208221" }, { "name": "DSA-3971", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3971" }, { "name": "1039307", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039307" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.tcpdump.org/tcpdump-changes.txt" }, { "name": "RHEA-2018:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-09-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print()." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-16T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201709-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201709-23" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT208221" }, { "name": "DSA-3971", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3971" }, { "name": "1039307", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039307" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.tcpdump.org/tcpdump-changes.txt" }, { "name": "RHEA-2018:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12995", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print()." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201709-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-23" }, { "name": "https://support.apple.com/HT208221", "refsource": "CONFIRM", "url": "https://support.apple.com/HT208221" }, { "name": "DSA-3971", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3971" }, { "name": "1039307", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039307" }, { "name": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29", "refsource": "CONFIRM", "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "url": "http://www.tcpdump.org/tcpdump-changes.txt" }, { "name": "RHEA-2018:0705", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12995", "datePublished": "2017-09-14T06:00:00", "dateReserved": "2017-08-21T00:00:00", "dateUpdated": "2024-08-05T18:51:07.512Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-12995\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-09-14T06:29:00.937\",\"lastModified\":\"2024-11-21T03:10:36.647\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().\"},{\"lang\":\"es\",\"value\":\"El analizador sint\u00e1ctico DNS en tcpdump en versiones anteriores a la 4.9.2 podr\u00eda introducir un bucle infinito por un fallo en print-domain.c:ns_print().\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.9.1\",\"matchCriteriaId\":\"15620492-1343-4632-A942-281535A101B7\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3971\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1039307\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.tcpdump.org/tcpdump-changes.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHEA-2018:0705\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-23\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3971\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1039307\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.tcpdump.org/tcpdump-changes.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHEA-2018:0705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201709-23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
ghsa-fm82-qvr8-64ww
Vulnerability from github
Published
2022-05-13 01:42
Modified
2022-05-13 01:42
Severity ?
Details
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
{ "affected": [], "aliases": [ "CVE-2017-12995" ], "database_specific": { "cwe_ids": [ "CWE-835" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2017-09-14T06:29:00Z", "severity": "HIGH" }, "details": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", "id": "GHSA-fm82-qvr8-64ww", "modified": "2022-05-13T01:42:52Z", "published": "2022-05-13T01:42:52Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12995" }, { "type": "WEB", "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHEA-2018:0705" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201709-23" }, { "type": "WEB", "url": "https://support.apple.com/HT208221" }, { "type": "WEB", "url": "http://www.debian.org/security/2017/dsa-3971" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1039307" }, { "type": "WEB", "url": "http://www.tcpdump.org/tcpdump-changes.txt" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
rhea-2018_0705
Vulnerability from csaf_redhat
Published
2018-04-10 00:00
Modified
2024-11-22 11:30
Summary
Red Hat Enhancement Advisory: tcpdump bug fix and enhancement update
Notes
Topic
An update for tcpdump is now available for Red Hat Enterprise Linux 7.
Details
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
Users of tcpdump are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for tcpdump is now available for Red Hat Enterprise Linux 7.", "title": "Topic" }, { "category": "general", "text": "The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.\n\nUsers of tcpdump are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHEA-2018:0705", "url": "https://access.redhat.com/errata/RHEA-2018:0705" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html", "url": "https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html" }, { "category": "external", "summary": "1464390", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1464390" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhea-2018_0705.json" } ], "title": "Red Hat Enhancement Advisory: tcpdump bug fix and enhancement update", "tracking": { "current_release_date": "2024-11-22T11:30:03+00:00", "generator": { "date": "2024-11-22T11:30:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHEA-2018:0705", "initial_release_date": "2018-04-10T00:00:00+00:00", "revision_history": [ { "date": "2018-04-10T00:00:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-04-10T11:58:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:30:03+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.x86_64", "product": { "name": "tcpdump-14:4.9.2-3.el7.x86_64", "product_id": "tcpdump-14:4.9.2-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=x86_64\u0026epoch=14" } } }, { "category": "product_version", "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "product": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "product_id": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-3.el7?arch=x86_64\u0026epoch=14" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.src", "product": { "name": "tcpdump-14:4.9.2-3.el7.src", "product_id": "tcpdump-14:4.9.2-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=src\u0026epoch=14" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.s390x", "product": { "name": "tcpdump-14:4.9.2-3.el7.s390x", "product_id": "tcpdump-14:4.9.2-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=s390x\u0026epoch=14" } } }, { "category": "product_version", "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "product": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "product_id": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-3.el7?arch=s390x\u0026epoch=14" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.ppc64", "product": { "name": "tcpdump-14:4.9.2-3.el7.ppc64", "product_id": "tcpdump-14:4.9.2-3.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=ppc64\u0026epoch=14" } } }, { "category": "product_version", "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "product": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "product_id": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-3.el7?arch=ppc64\u0026epoch=14" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.ppc64le", "product": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le", "product_id": "tcpdump-14:4.9.2-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=ppc64le\u0026epoch=14" } } }, { "category": "product_version", "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "product": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "product_id": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-3.el7?arch=ppc64le\u0026epoch=14" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "tcpdump-14:4.9.2-3.el7.aarch64", "product": { "name": "tcpdump-14:4.9.2-3.el7.aarch64", "product_id": "tcpdump-14:4.9.2-3.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump@4.9.2-3.el7?arch=aarch64\u0026epoch=14" } } }, { "category": "product_version", "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "product": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "product_id": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-3.el7?arch=aarch64\u0026epoch=14" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.src" }, "product_reference": "tcpdump-14:4.9.2-3.el7.src", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Client-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src" }, "product_reference": "tcpdump-14:4.9.2-3.el7.src", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.src" }, "product_reference": "tcpdump-14:4.9.2-3.el7.src", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Server-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src" }, "product_reference": "tcpdump-14:4.9.2-3.el7.src", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Server-Alt-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src" }, "product_reference": "tcpdump-14:4.9.2-3.el7.src", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "relates_to_product_reference": "7Workstation-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" }, "product_reference": "tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "relates_to_product_reference": "7Workstation-7.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-11108", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2017-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1472878" } ], "notes": [ { "category": "description", "text": "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Heap buffer overflow in the EXTRACT_16BITS function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-11108" }, { "category": "external", "summary": "RHBZ#1472878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472878" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11108", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11108" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11108", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11108" } ], "release_date": "2017-07-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Heap buffer overflow in the EXTRACT_16BITS function" }, { "cve": "CVE-2017-11541", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-07-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1475352" } ], "notes": [ { "category": "description", "text": "tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: heap-based buffer over-read in the lldp_print", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-11541" }, { "category": "external", "summary": "RHBZ#1475352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475352" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11541", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11541" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11541", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11541" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: heap-based buffer over-read in the lldp_print" }, { "cve": "CVE-2017-11542", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-07-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1475355" } ], "notes": [ { "category": "description", "text": "tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: heap-based buffer over-read in the pimv1_print", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-11542" }, { "category": "external", "summary": "RHBZ#1475355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475355" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11542", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11542" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11542", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11542" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: heap-based buffer over-read in the pimv1_print" }, { "cve": "CVE-2017-11543", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2017-07-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1475358" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in tcpdump\u0027s handling of LINKTYPE_SLIP pcap files. An attacker could craft a malicious pcap file that would cause tcpdump to crash when attempting to print a summary of packet data within the file.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: buffer overflow in the sliplink_print function", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-11543" }, { "category": "external", "summary": "RHBZ#1475358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475358" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11543", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11543" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11543", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11543" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: buffer overflow in the sliplink_print function" }, { "cve": "CVE-2017-11544", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-07-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1475359" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in tcpdump\u0027s handling of LINKTYPE_SLIP pcap files. An attacker could craft a malicious pcap file that would cause tcpdump to crash when attempting to print a summary of packet data within the file.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Segmentation Violation in the compressed_sl_print", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-11544" }, { "category": "external", "summary": "RHBZ#1475359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11544", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11544" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11544", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11544" } ], "release_date": "2017-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Segmentation Violation in the compressed_sl_print" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12893", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490539" } ], "notes": [ { "category": "description", "text": "The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in smbutil.c:name_len() in SMB/CIFS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12893" }, { "category": "external", "summary": "RHBZ#1490539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490539" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12893", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12893" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in smbutil.c:name_len() in SMB/CIFS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12894", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490540" } ], "notes": [ { "category": "description", "text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in addrtoname.c:lookup_bytestring()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12894" }, { "category": "external", "summary": "RHBZ#1490540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12894", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12894" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12894", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12894" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in addrtoname.c:lookup_bytestring()" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12895", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490541" } ], "notes": [ { "category": "description", "text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12895" }, { "category": "external", "summary": "RHBZ#1490541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490541" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12895", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12895" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12895", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12895" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12896", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490543" } ], "notes": [ { "category": "description", "text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print() in ISAKMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12896" }, { "category": "external", "summary": "RHBZ#1490543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12896", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12896" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print() in ISAKMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12897", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490545" } ], "notes": [ { "category": "description", "text": "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:isoclns_print() in ISO CLNS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12897" }, { "category": "external", "summary": "RHBZ#1490545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490545" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12897", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12897" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12897", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12897" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:isoclns_print() in ISO CLNS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12898", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490546" } ], "notes": [ { "category": "description", "text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-nfs.c:interp_reply() in NFS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12898" }, { "category": "external", "summary": "RHBZ#1490546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490546" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12898", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12898" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12898", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12898" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-nfs.c:interp_reply() in NFS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12899", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490547" } ], "notes": [ { "category": "description", "text": "The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-decnet.c:decnet_print() in DECnet parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12899" }, { "category": "external", "summary": "RHBZ#1490547", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490547" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12899", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12899" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-decnet.c:decnet_print() in DECnet parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12900", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490548" } ], "notes": [ { "category": "description", "text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in util-print.c:tok2strbuf()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12900" }, { "category": "external", "summary": "RHBZ#1490548", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490548" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12900", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12900" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in util-print.c:tok2strbuf()" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12901", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490549" } ], "notes": [ { "category": "description", "text": "The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-eigrp.c:eigrp_print() in EIGRP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12901" }, { "category": "external", "summary": "RHBZ#1490549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490549" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12901", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12901" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12901", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12901" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-eigrp.c:eigrp_print() in EIGRP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12902", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490550" } ], "notes": [ { "category": "description", "text": "The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-zephyr.c, several functions in Zephyr parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12902" }, { "category": "external", "summary": "RHBZ#1490550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12902", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12902" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12902", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12902" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-zephyr.c, several functions in Zephyr parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12985", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490551" } ], "notes": [ { "category": "description", "text": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ip6.c:ip6_print() in IPv6 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12985" }, { "category": "external", "summary": "RHBZ#1490551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490551" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12985", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12985" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12985", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12985" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ip6.c:ip6_print() in IPv6 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12986", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490552" } ], "notes": [ { "category": "description", "text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12986" }, { "category": "external", "summary": "RHBZ#1490552", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490552" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12986", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12986" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12986", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12986" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12987", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490553" } ], "notes": [ { "category": "description", "text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12987" }, { "category": "external", "summary": "RHBZ#1490553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12987", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12987" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12987", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12987" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12988", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490554" } ], "notes": [ { "category": "description", "text": "The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-telnet.c:telnet_parse() in telnet parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12988" }, { "category": "external", "summary": "RHBZ#1490554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12988", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12988" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12988", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12988" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-telnet.c:telnet_parse() in telnet parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12989", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490555" } ], "notes": [ { "category": "description", "text": "The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Infinite loop due to a bug in print-resp.c:resp_get_length() in RESP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12989" }, { "category": "external", "summary": "RHBZ#1490555", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490555" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12989", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12989" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12989", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12989" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Infinite loop due to a bug in print-resp.c:resp_get_length() in RESP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12990", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490556" } ], "notes": [ { "category": "description", "text": "The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Infinite loop due to bugs in print-isakmp.c, several functions in ISAKMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12990" }, { "category": "external", "summary": "RHBZ#1490556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490556" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12990", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12990" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12990", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12990" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Infinite loop due to bugs in print-isakmp.c, several functions in ISAKMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12991", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490557" } ], "notes": [ { "category": "description", "text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12991" }, { "category": "external", "summary": "RHBZ#1490557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12991", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12991" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12991", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12991" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12992", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490558" } ], "notes": [ { "category": "description", "text": "The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ripng.c:ripng_print() in RIPng parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12992" }, { "category": "external", "summary": "RHBZ#1490558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490558" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12992", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12992" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12992", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12992" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ripng.c:ripng_print() in RIPng parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12993", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490559" } ], "notes": [ { "category": "description", "text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-juniper.c, several functions in Juniper protocols parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12993" }, { "category": "external", "summary": "RHBZ#1490559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490559" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12993", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12993" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-juniper.c, several functions in Juniper protocols parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12994", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490560" } ], "notes": [ { "category": "description", "text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12994" }, { "category": "external", "summary": "RHBZ#1490560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490560" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12994", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12994" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12994", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12994" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12995", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490561" } ], "notes": [ { "category": "description", "text": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Infinite loop due to a bug in print-domain.c:ns_print() in DNS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12995" }, { "category": "external", "summary": "RHBZ#1490561", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490561" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12995", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12995" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12995", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12995" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Infinite loop due to a bug in print-domain.c:ns_print() in DNS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12996", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490562" } ], "notes": [ { "category": "description", "text": "The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pim.c:pimv2_print() in PIMv2 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12996" }, { "category": "external", "summary": "RHBZ#1490562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490562" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12996", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12996" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12996", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12996" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pim.c:pimv2_print() in PIMv2 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12997", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490564" } ], "notes": [ { "category": "description", "text": "The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Infinite loop due to a bug in print-lldp.c:lldp_private_8021_print() in LLDP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12997" }, { "category": "external", "summary": "RHBZ#1490564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12997", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12997" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12997", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12997" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Infinite loop due to a bug in print-lldp.c:lldp_private_8021_print() in LLDP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12998", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490565" } ], "notes": [ { "category": "description", "text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_extd_ip_reach() in IS-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12998" }, { "category": "external", "summary": "RHBZ#1490565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12998", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12998" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12998", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12998" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_extd_ip_reach() in IS-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-12999", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490566" } ], "notes": [ { "category": "description", "text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:isis_print() in IS-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12999" }, { "category": "external", "summary": "RHBZ#1490566", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490566" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12999", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12999" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:isis_print() in IS-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13000", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490567" } ], "notes": [ { "category": "description", "text": "The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-802_15_4.c:ieee802_15_4_if_print() in IEEE 802.15.4 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13000" }, { "category": "external", "summary": "RHBZ#1490567", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490567" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13000", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13000" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13000", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13000" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-802_15_4.c:ieee802_15_4_if_print() in IEEE 802.15.4 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13001", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490568" } ], "notes": [ { "category": "description", "text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-nfs.c:nfs_printfh() in NFS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13001" }, { "category": "external", "summary": "RHBZ#1490568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490568" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13001", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13001" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13001", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13001" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-nfs.c:nfs_printfh() in NFS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13002", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490569" } ], "notes": [ { "category": "description", "text": "The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-aodv.c:aodv_extension() in AODV parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13002" }, { "category": "external", "summary": "RHBZ#1490569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490569" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13002", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13002" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13002", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13002" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-aodv.c:aodv_extension() in AODV parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13003", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490570" } ], "notes": [ { "category": "description", "text": "The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-lmp.c:lmp_print() in LMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13003" }, { "category": "external", "summary": "RHBZ#1490570", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490570" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13003", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13003" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-lmp.c:lmp_print() in LMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13004", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490571" } ], "notes": [ { "category": "description", "text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-juniper.c:juniper_parse_header() in Juniper protocols parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13004" }, { "category": "external", "summary": "RHBZ#1490571", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490571" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13004", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13004" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-juniper.c:juniper_parse_header() in Juniper protocols parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13005", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490572" } ], "notes": [ { "category": "description", "text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-nfs.c:xid_map_enter() in NFS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13005" }, { "category": "external", "summary": "RHBZ#1490572", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490572" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13005", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13005" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13005", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13005" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-nfs.c:xid_map_enter() in NFS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13006", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490573" } ], "notes": [ { "category": "description", "text": "The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-l2tp.c, several functions in L2TP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13006" }, { "category": "external", "summary": "RHBZ#1490573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13006", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13006" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13006", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13006" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-l2tp.c, several functions in L2TP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13007", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490574" } ], "notes": [ { "category": "description", "text": "The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pktap.c:pktap_if_print() in Apple PKTAP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13007" }, { "category": "external", "summary": "RHBZ#1490574", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490574" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13007", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13007" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13007", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13007" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pktap.c:pktap_if_print() in Apple PKTAP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13008", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490575" } ], "notes": [ { "category": "description", "text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13008" }, { "category": "external", "summary": "RHBZ#1490575", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490575" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13008", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13008" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13008", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13008" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13009", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490576" } ], "notes": [ { "category": "description", "text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-mobility.c:mobility_print() in IPv6 mobility parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13009" }, { "category": "external", "summary": "RHBZ#1490576", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490576" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13009", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13009" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13009", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13009" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-mobility.c:mobility_print() in IPv6 mobility parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13010", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490577" } ], "notes": [ { "category": "description", "text": "The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-beep.c:l_strnstart() in BEEP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13010" }, { "category": "external", "summary": "RHBZ#1490577", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490577" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13010", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13010" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13010", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13010" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-beep.c:l_strnstart() in BEEP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13011", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490578" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in tcpdump\u0027s verbose printing of packet data. A crafted pcap file or specially crafted network traffic could cause tcpdump to write out of bounds in the BSS segment, potentially causing tcpdump to display truncated or incorrectly decoded fields or crash with a segmentation violation. This does not affect tcpdump when used with the -w option to save a pcap file.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer overflow in util-print.c:bittok2str_internal()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13011" }, { "category": "external", "summary": "RHBZ#1490578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490578" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13011", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13011" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13011", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13011" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tcpdump: Buffer overflow in util-print.c:bittok2str_internal()" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13012", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490579" } ], "notes": [ { "category": "description", "text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13012" }, { "category": "external", "summary": "RHBZ#1490579", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490579" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13012", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13012" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13012", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13012" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13013", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490580" } ], "notes": [ { "category": "description", "text": "The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-arp.c, several functions in ARP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13013" }, { "category": "external", "summary": "RHBZ#1490580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13013", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13013" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-arp.c, several functions in ARP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13014", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490581" } ], "notes": [ { "category": "description", "text": "The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-wb.c:wb_prep(), several functions in White Board protocol parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13014" }, { "category": "external", "summary": "RHBZ#1490581", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490581" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13014", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13014" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13014", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13014" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-wb.c:wb_prep(), several functions in White Board protocol parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13015", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490582" } ], "notes": [ { "category": "description", "text": "The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-eap.c:eap_print() in EAP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13015" }, { "category": "external", "summary": "RHBZ#1490582", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490582" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13015", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13015" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13015", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13015" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-eap.c:eap_print() in EAP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13016", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490583" } ], "notes": [ { "category": "description", "text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13016" }, { "category": "external", "summary": "RHBZ#1490583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13016", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13016" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13016", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13016" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13017", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490584" } ], "notes": [ { "category": "description", "text": "The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-dhcp6.c:dhcp6opt_print() in DHCPv6 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13017" }, { "category": "external", "summary": "RHBZ#1490584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490584" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13017", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13017" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13017", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13017" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-dhcp6.c:dhcp6opt_print() in DHCPv6 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13018", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490585" } ], "notes": [ { "category": "description", "text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13018" }, { "category": "external", "summary": "RHBZ#1490585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490585" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13018", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13018" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13018", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13018" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13019", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490586" } ], "notes": [ { "category": "description", "text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13019" }, { "category": "external", "summary": "RHBZ#1490586", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490586" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13019", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13019" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13019", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13019" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13020", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490587" } ], "notes": [ { "category": "description", "text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13020" }, { "category": "external", "summary": "RHBZ#1490587", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490587" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13020", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13020" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13020", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13020" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13021", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490588" } ], "notes": [ { "category": "description", "text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-icmp6.c:icmp6_print() in ICMPv6 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13021" }, { "category": "external", "summary": "RHBZ#1490588", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490588" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13021", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13021" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13021", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13021" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-icmp6.c:icmp6_print() in ICMPv6 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13022", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490589" } ], "notes": [ { "category": "description", "text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ip.c:ip_printroute() in IP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13022" }, { "category": "external", "summary": "RHBZ#1490589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13022", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13022" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ip.c:ip_printroute() in IP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13023", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490590" } ], "notes": [ { "category": "description", "text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13023" }, { "category": "external", "summary": "RHBZ#1490590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490590" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13023", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13023" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13024", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490591" } ], "notes": [ { "category": "description", "text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13024" }, { "category": "external", "summary": "RHBZ#1490591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13024", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13024" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13024", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13024" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13025", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490592" } ], "notes": [ { "category": "description", "text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13025" }, { "category": "external", "summary": "RHBZ#1490592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490592" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13025", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13025" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13025", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13025" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13026", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490593" } ], "notes": [ { "category": "description", "text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c, several functions in ISO IS-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13026" }, { "category": "external", "summary": "RHBZ#1490593", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490593" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13026", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13026" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13026", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13026" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c, several functions in ISO IS-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13027", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490594" } ], "notes": [ { "category": "description", "text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print() in LLDP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13027" }, { "category": "external", "summary": "RHBZ#1490594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490594" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13027", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13027" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13027", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13027" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print() in LLDP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13028", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490595" } ], "notes": [ { "category": "description", "text": "The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bootp.c:bootp_print() in BOOTP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13028" }, { "category": "external", "summary": "RHBZ#1490595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490595" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13028", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13028" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13028", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13028" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bootp.c:bootp_print() in BOOTP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13029", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490596" } ], "notes": [ { "category": "description", "text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ppp.c:print_ccp_config_options() in PPP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13029" }, { "category": "external", "summary": "RHBZ#1490596", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490596" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13029", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13029" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ppp.c:print_ccp_config_options() in PPP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13030", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490597" } ], "notes": [ { "category": "description", "text": "The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pim.c, several functions in PIM parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13030" }, { "category": "external", "summary": "RHBZ#1490597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13030", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13030" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13030", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13030" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pim.c, several functions in PIM parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13031", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490598" } ], "notes": [ { "category": "description", "text": "The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-frag6.c:frag6_print() in IPv6 fragmentation header parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13031" }, { "category": "external", "summary": "RHBZ#1490598", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490598" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13031", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13031" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13031", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13031" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-frag6.c:frag6_print() in IPv6 fragmentation header parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13032", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490599" } ], "notes": [ { "category": "description", "text": "The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-radius.c:print_attr_string() in RADIUS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13032" }, { "category": "external", "summary": "RHBZ#1490599", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490599" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13032", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13032" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13032", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13032" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-radius.c:print_attr_string() in RADIUS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13033", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490600" } ], "notes": [ { "category": "description", "text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13033" }, { "category": "external", "summary": "RHBZ#1490600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490600" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13033", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13033" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13033", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13033" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13034", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490601" } ], "notes": [ { "category": "description", "text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13034" }, { "category": "external", "summary": "RHBZ#1490601", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490601" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13034", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13034" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13034", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13034" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13035", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490602" } ], "notes": [ { "category": "description", "text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_id() in ISO IS-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13035" }, { "category": "external", "summary": "RHBZ#1490602", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490602" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13035", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13035" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13035", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13035" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_id() in ISO IS-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13036", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490603" } ], "notes": [ { "category": "description", "text": "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ospf6.c:ospf6_decode_v3() in OSPFv3 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13036" }, { "category": "external", "summary": "RHBZ#1490603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490603" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13036", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13036" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13036", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13036" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ospf6.c:ospf6_decode_v3() in OSPFv3 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13037", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490604" } ], "notes": [ { "category": "description", "text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ip.c:ip_printts() in IP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13037" }, { "category": "external", "summary": "RHBZ#1490604", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490604" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13037", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13037" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13037", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13037" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ip.c:ip_printts() in IP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13038", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490605" } ], "notes": [ { "category": "description", "text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-ppp.c:handle_mlppp() in PPP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13038" }, { "category": "external", "summary": "RHBZ#1490605", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490605" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13038", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13038" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13038", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13038" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-ppp.c:handle_mlppp() in PPP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13039", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490606" } ], "notes": [ { "category": "description", "text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isakmp.c, several functions in ISAKMP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13039" }, { "category": "external", "summary": "RHBZ#1490606", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490606" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13039", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13039" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13039", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13039" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isakmp.c, several functions in ISAKMP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13040", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490607" } ], "notes": [ { "category": "description", "text": "The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-mptcp.c, several functions in MPTCP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13040" }, { "category": "external", "summary": "RHBZ#1490607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490607" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13040", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13040" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-mptcp.c, several functions in MPTCP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13041", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490608" } ], "notes": [ { "category": "description", "text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-icmp6.c:icmp6_nodeinfo_print() in ICMPv6 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13041" }, { "category": "external", "summary": "RHBZ#1490608", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490608" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13041", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13041" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-icmp6.c:icmp6_nodeinfo_print() in ICMPv6 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13042", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490609" } ], "notes": [ { "category": "description", "text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-hncp.c:dhcpv6_print() in HNCP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13042" }, { "category": "external", "summary": "RHBZ#1490609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13042", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13042" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-hncp.c:dhcpv6_print() in HNCP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13043", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490610" } ], "notes": [ { "category": "description", "text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bgp.c:decode_multicast_vpn() in BGP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13043" }, { "category": "external", "summary": "RHBZ#1490610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490610" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13043", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13043" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13043", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13043" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bgp.c:decode_multicast_vpn() in BGP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13044", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490611" } ], "notes": [ { "category": "description", "text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-hncp.c:dhcpv4_print() in HNCP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13044" }, { "category": "external", "summary": "RHBZ#1490611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13044", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13044" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13044", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13044" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-hncp.c:dhcpv4_print() in HNCP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13045", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490612" } ], "notes": [ { "category": "description", "text": "The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-vqp.c:vqp_print() in VQP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13045" }, { "category": "external", "summary": "RHBZ#1490612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13045", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13045" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13045", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13045" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-vqp.c:vqp_print() in VQP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13046", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490613" } ], "notes": [ { "category": "description", "text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13046" }, { "category": "external", "summary": "RHBZ#1490613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490613" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13046", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13046" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13047", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490614" } ], "notes": [ { "category": "description", "text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13047" }, { "category": "external", "summary": "RHBZ#1490614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490614" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13047", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13047" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13048", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490615" } ], "notes": [ { "category": "description", "text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13048" }, { "category": "external", "summary": "RHBZ#1490615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13048", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13048" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13049", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490616" } ], "notes": [ { "category": "description", "text": "The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rx.c:ubik_print() in Rx protocol parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13049" }, { "category": "external", "summary": "RHBZ#1490616", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490616" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13049", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13049" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13049", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13049" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rx.c:ubik_print() in Rx protocol parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13050", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490617" } ], "notes": [ { "category": "description", "text": "The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print() in RPKI-Router parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13050" }, { "category": "external", "summary": "RHBZ#1490617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13050", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13050" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13050", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13050" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print() in RPKI-Router parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13051", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490618" } ], "notes": [ { "category": "description", "text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13051" }, { "category": "external", "summary": "RHBZ#1490618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490618" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13051", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13051" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13051", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13051" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13052", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490619" } ], "notes": [ { "category": "description", "text": "The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-cfm.c:cfm_print() in CFM parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13052" }, { "category": "external", "summary": "RHBZ#1490619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13052", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13052" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13052", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13052" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-cfm.c:cfm_print() in CFM parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13053", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490620" } ], "notes": [ { "category": "description", "text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-bgp.c:decode_rt_routing_info() in BGP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13053" }, { "category": "external", "summary": "RHBZ#1490620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490620" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13053", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13053" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13053", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13053" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-bgp.c:decode_rt_routing_info() in BGP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13054", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490621" } ], "notes": [ { "category": "description", "text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-lldp.c:lldp_private_8023_print() in LLDP parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13054" }, { "category": "external", "summary": "RHBZ#1490621", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490621" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13054", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13054" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13054", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13054" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-lldp.c:lldp_private_8023_print() in LLDP parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13055", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490622" } ], "notes": [ { "category": "description", "text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv() in ISO IS-IS parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13055" }, { "category": "external", "summary": "RHBZ#1490622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490622" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13055", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13055" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13055", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13055" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv() in ISO IS-IS parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13687", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490623" } ], "notes": [ { "category": "description", "text": "The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-chdlc.c:chdlc_print() in Cisco HDLC parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13687" }, { "category": "external", "summary": "RHBZ#1490623", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490623" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13687", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13687" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13687", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13687" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-chdlc.c:chdlc_print() in Cisco HDLC parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13688", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490624" } ], "notes": [ { "category": "description", "text": "The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-olsr.c:olsr_print() in OLSR parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13688" }, { "category": "external", "summary": "RHBZ#1490624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490624" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13688", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13688" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13688", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13688" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-olsr.c:olsr_print() in OLSR parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13689", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490625" } ], "notes": [ { "category": "description", "text": "The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isakmp.c:ikev1_id_print() in IKEv1 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13689" }, { "category": "external", "summary": "RHBZ#1490625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13689", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13689" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13689", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13689" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isakmp.c:ikev1_id_print() in IKEv1 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13690", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490626" } ], "notes": [ { "category": "description", "text": "The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-isakmp.c, several functions in IKEv2 parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13690" }, { "category": "external", "summary": "RHBZ#1490626", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490626" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13690", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13690" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-isakmp.c, several functions in IKEv2 parser" }, { "acknowledgments": [ { "names": [ "the Tcpdump project" ] } ], "cve": "CVE-2017-13725", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490627" } ], "notes": [ { "category": "description", "text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", "title": "Vulnerability description" }, { "category": "summary", "text": "tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13725" }, { "category": "external", "summary": "RHBZ#1490627", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490627" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13725", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13725" } ], "release_date": "2017-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T00:00:00+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Client-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-14:4.9.2-3.el7.src", "7Client-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Client-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.src", "7ComputeNode-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7ComputeNode-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.src", "7Server-Alt-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Server-Alt-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.src", "7Workstation-7.5:tcpdump-14:4.9.2-3.el7.x86_64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.aarch64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.ppc64le", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.s390x", "7Workstation-7.5:tcpdump-debuginfo-14:4.9.2-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser" } ] }
gsd-2017-12995
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
Aliases
Aliases
{ "GSD": { "alias": "CVE-2017-12995", "description": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", "id": "GSD-2017-12995", "references": [ "https://www.suse.com/security/cve/CVE-2017-12995.html", "https://www.debian.org/security/2017/dsa-3971", "https://access.redhat.com/errata/RHEA-2018:0705", "https://ubuntu.com/security/CVE-2017-12995", "https://advisories.mageia.org/CVE-2017-12995.html", "https://security.archlinux.org/CVE-2017-12995" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2017-12995" ], "details": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", "id": "GSD-2017-12995", "modified": "2023-12-13T01:21:03.718871Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12995", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print()." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201709-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-23" }, { "name": "https://support.apple.com/HT208221", "refsource": "CONFIRM", "url": "https://support.apple.com/HT208221" }, { "name": "DSA-3971", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3971" }, { "name": "1039307", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039307" }, { "name": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29", "refsource": "CONFIRM", "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "url": "http://www.tcpdump.org/tcpdump-changes.txt" }, { "name": "RHEA-2018:0705", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.9.1", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12995" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print()." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-835" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29" }, { "name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.tcpdump.org/tcpdump-changes.txt" }, { "name": "1039307", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1039307" }, { "name": "GLSA-201709-23", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/201709-23" }, { "name": "DSA-3971", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2017/dsa-3971" }, { "name": "https://support.apple.com/HT208221", "refsource": "CONFIRM", "tags": [], "url": "https://support.apple.com/HT208221" }, { "name": "RHEA-2018:0705", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHEA-2018:0705" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2019-10-03T00:03Z", "publishedDate": "2017-09-14T06:29Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.