Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-1010220 (GCVE-0-2019-1010220)
Vulnerability from cvelistv5
Published
2019-07-22 17:30
Modified
2024-08-05 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-126 - Buffer Over-read
Summary
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| tcpdump.org | tcpdump |
Version: 4.9.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"name": "openSUSE-SU-2019:1964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"name": "openSUSE-SU-2019:2344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"name": "openSUSE-SU-2019:2348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"name": "FEDORA-2019-85d92df70f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "USN-4252-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4252-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tcpdump",
"vendor": "tcpdump.org",
"versions": [
{
"status": "affected",
"version": "4.9.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126: Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T03:06:02",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"name": "openSUSE-SU-2019:1964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"name": "openSUSE-SU-2019:2344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"name": "openSUSE-SU-2019:2348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"name": "FEDORA-2019-85d92df70f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "USN-4252-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4252-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_value": "4.9.2"
}
]
}
}
]
},
"vendor_name": "tcpdump.org"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126: Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"name": "openSUSE-SU-2019:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"name": "openSUSE-SU-2019:2344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"name": "openSUSE-SU-2019:2348",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010220",
"datePublished": "2019-07-22T17:30:14",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-1010220\",\"sourceIdentifier\":\"josh@bress.net\",\"published\":\"2019-07-22T18:15:11.027\",\"lastModified\":\"2024-11-21T04:18:03.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \\\"ND_PRINT((ndo, \\\"%s\\\", buf));\\\", in function named \\\"print_prefix\\\", in \\\"print-hncp.c\\\". The attack vector is: The victim must open a specially crafted pcap file.\"},{\"lang\":\"es\",\"value\":\"tcpdump de tcpdump.org versi\u00f3n 4.9.2 est\u00e1 afectado por: CWE-126: Sobrecarga del B\u00fafer. El impacto es: puede exponer el Puntero Frame Guardado, la Direcci\u00f3n de Retorno, etc. en la pila. El componente es: l\u00ednea 234: \\\"ND_PRINT((ndo,\\\"% s\\\",buf));\\\", en la funci\u00f3n llamada \\\"print_prefix\\\", en el archivo \\\"print-hncp.c\\\". El vector de ataque es: La v\u00edctima necesita abrir un archivo pcap especialmente dise\u00f1ado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"josh@bress.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9FBA366-800E-4163-8E22-A652750C4F28\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html\",\"source\":\"josh@bress.net\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html\",\"source\":\"josh@bress.net\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html\",\"source\":\"josh@bress.net\"},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c\",\"source\":\"josh@bress.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c\",\"source\":\"josh@bress.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c\",\"source\":\"josh@bress.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/\",\"source\":\"josh@bress.net\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/\",\"source\":\"josh@bress.net\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/\",\"source\":\"josh@bress.net\"},{\"url\":\"https://usn.ubuntu.com/4252-1/\",\"source\":\"josh@bress.net\"},{\"url\":\"https://usn.ubuntu.com/4252-2/\",\"source\":\"josh@bress.net\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4252-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4252-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
gsd-2019-1010220
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-1010220",
"description": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"id": "GSD-2019-1010220",
"references": [
"https://www.suse.com/security/cve/CVE-2019-1010220.html",
"https://ubuntu.com/security/CVE-2019-1010220"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-1010220"
],
"details": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"id": "GSD-2019-1010220",
"modified": "2023-12-13T01:23:50.722051Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_value": "4.9.2"
}
]
}
}
]
},
"vendor_name": "tcpdump.org"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126: Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"name": "openSUSE-SU-2019:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"name": "openSUSE-SU-2019:2344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"name": "openSUSE-SU-2019:2348",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-1/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010220"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"name": "openSUSE-SU-2019:1964",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"name": "openSUSE-SU-2019:2348",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"name": "openSUSE-SU-2019:2344",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4252-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2019-08-20T18:15Z",
"publishedDate": "2019-07-22T18:15Z"
}
}
}
suse-su-2020:3360-1
Vulnerability from csaf_suse
Published
2020-11-17 12:41
Modified
2020-11-17 12:41
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
- CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).
The previous update of tcpdump already fixed variuous Buffer overflow/overread vulnerabilities [bsc#1153098, bsc#1153332]
- CVE-2017-16808 (AoE)
- CVE-2018-14468 (FrameRelay)
- CVE-2018-14469 (IKEv1)
- CVE-2018-14470 (BABEL)
- CVE-2018-14466 (AFS/RX)
- CVE-2018-14461 (LDP)
- CVE-2018-14462 (ICMP)
- CVE-2018-14465 (RSVP)
- CVE-2018-14464 (LMP)
- CVE-2019-15166 (LMP)
- CVE-2018-14880 (OSPF6)
- CVE-2018-14882 (RPL)
- CVE-2018-16227 (802.11)
- CVE-2018-16229 (DCCP)
- CVE-2018-14467 (BGP)
- CVE-2018-14881 (BGP)
- CVE-2018-16230 (BGP)
- CVE-2018-16300 (BGP)
- CVE-2018-14463 (VRRP)
- CVE-2019-15167 (VRRP)
- CVE-2018-14879 (tcpdump -V)
- CVE-2018-16228 (HNCP) is a duplicate of the already fixed CVE-2019-1010220
- CVE-2018-16301 (fixed in libpcap)
- CVE-2018-16451 (SMB)
- CVE-2018-16452 (SMB)
- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
Patchnames
SUSE-2020-3360,SUSE-SLE-SERVER-12-SP5-2020-3360
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\n- CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).\n\nThe previous update of tcpdump already fixed variuous Buffer overflow/overread vulnerabilities [bsc#1153098, bsc#1153332]\n\n- CVE-2017-16808 (AoE)\n- CVE-2018-14468 (FrameRelay)\n- CVE-2018-14469 (IKEv1)\n- CVE-2018-14470 (BABEL)\n- CVE-2018-14466 (AFS/RX)\n- CVE-2018-14461 (LDP)\n- CVE-2018-14462 (ICMP)\n- CVE-2018-14465 (RSVP)\n- CVE-2018-14464 (LMP)\n- CVE-2019-15166 (LMP)\n- CVE-2018-14880 (OSPF6)\n- CVE-2018-14882 (RPL)\n- CVE-2018-16227 (802.11)\n- CVE-2018-16229 (DCCP)\n- CVE-2018-14467 (BGP)\n- CVE-2018-14881 (BGP)\n- CVE-2018-16230 (BGP)\n- CVE-2018-16300 (BGP)\n- CVE-2018-14463 (VRRP)\n- CVE-2019-15167 (VRRP)\n- CVE-2018-14879 (tcpdump -V)\n- CVE-2018-16228 (HNCP) is a duplicate of the already fixed CVE-2019-1010220\n- CVE-2018-16301 (fixed in libpcap)\n- CVE-2018-16451 (SMB)\n- CVE-2018-16452 (SMB)\n- CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)\n- CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3360,SUSE-SLE-SERVER-12-SP5-2020-3360",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3360-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3360-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203360-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3360-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007788.html"
},
{
"category": "self",
"summary": "SUSE Bug 1153098",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "self",
"summary": "SUSE Bug 1153332",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "self",
"summary": "SUSE Bug 1178466",
"url": "https://bugzilla.suse.com/1178466"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14461 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14462 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14463 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14464 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14465 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14466 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14467 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16228 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16229 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16230 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16300 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16301 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16451 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16452 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15166 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15167 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8037 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8037/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2020-11-17T12:41:00Z",
"generator": {
"date": "2020-11-17T12:41:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3360-1",
"initial_release_date": "2020-11-17T12:41:00Z",
"revision_history": [
{
"date": "2020-11-17T12:41:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.aarch64",
"product": {
"name": "tcpdump-4.9.2-14.17.1.aarch64",
"product_id": "tcpdump-4.9.2-14.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.i586",
"product": {
"name": "tcpdump-4.9.2-14.17.1.i586",
"product_id": "tcpdump-4.9.2-14.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.ppc64le",
"product": {
"name": "tcpdump-4.9.2-14.17.1.ppc64le",
"product_id": "tcpdump-4.9.2-14.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.s390",
"product": {
"name": "tcpdump-4.9.2-14.17.1.s390",
"product_id": "tcpdump-4.9.2-14.17.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.s390x",
"product": {
"name": "tcpdump-4.9.2-14.17.1.s390x",
"product_id": "tcpdump-4.9.2-14.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.17.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-14.17.1.x86_64",
"product_id": "tcpdump-4.9.2-14.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2018-10103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10103"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10103",
"url": "https://www.suse.com/security/cve/CVE-2018-10103"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10103",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10103"
},
{
"cve": "CVE-2018-10105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10105"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10105",
"url": "https://www.suse.com/security/cve/CVE-2018-10105"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10105",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10105"
},
{
"cve": "CVE-2018-14461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14461"
}
],
"notes": [
{
"category": "general",
"text": "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14461",
"url": "https://www.suse.com/security/cve/CVE-2018-14461"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14461",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14461"
},
{
"cve": "CVE-2018-14462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14462"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14462",
"url": "https://www.suse.com/security/cve/CVE-2018-14462"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14462",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14462"
},
{
"cve": "CVE-2018-14463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14463"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14463",
"url": "https://www.suse.com/security/cve/CVE-2018-14463"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14463",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14463"
},
{
"cve": "CVE-2018-14464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14464"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14464",
"url": "https://www.suse.com/security/cve/CVE-2018-14464"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14464",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14464"
},
{
"cve": "CVE-2018-14465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14465"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14465",
"url": "https://www.suse.com/security/cve/CVE-2018-14465"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14465",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14465"
},
{
"cve": "CVE-2018-14466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14466"
}
],
"notes": [
{
"category": "general",
"text": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14466",
"url": "https://www.suse.com/security/cve/CVE-2018-14466"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1166972 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1166972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14466"
},
{
"cve": "CVE-2018-14467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14467"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14467",
"url": "https://www.suse.com/security/cve/CVE-2018-14467"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14467",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14467"
},
{
"cve": "CVE-2018-14468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14468"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14468",
"url": "https://www.suse.com/security/cve/CVE-2018-14468"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14468",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14468"
},
{
"cve": "CVE-2018-14469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14469"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14469",
"url": "https://www.suse.com/security/cve/CVE-2018-14469"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14469",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14469"
},
{
"cve": "CVE-2018-14470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14470"
}
],
"notes": [
{
"category": "general",
"text": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14470",
"url": "https://www.suse.com/security/cve/CVE-2018-14470"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14470",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14470"
},
{
"cve": "CVE-2018-14879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14879"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14879",
"url": "https://www.suse.com/security/cve/CVE-2018-14879"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14879",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "low"
}
],
"title": "CVE-2018-14879"
},
{
"cve": "CVE-2018-14880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14880"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14880",
"url": "https://www.suse.com/security/cve/CVE-2018-14880"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14880",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14880"
},
{
"cve": "CVE-2018-14881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14881"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14881",
"url": "https://www.suse.com/security/cve/CVE-2018-14881"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14881",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14881"
},
{
"cve": "CVE-2018-14882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14882"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14882",
"url": "https://www.suse.com/security/cve/CVE-2018-14882"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14882",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14882"
},
{
"cve": "CVE-2018-16227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16227"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16227",
"url": "https://www.suse.com/security/cve/CVE-2018-16227"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16227",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16227"
},
{
"cve": "CVE-2018-16228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16228"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16228",
"url": "https://www.suse.com/security/cve/CVE-2018-16228"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16228",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16228"
},
{
"cve": "CVE-2018-16229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16229"
}
],
"notes": [
{
"category": "general",
"text": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16229",
"url": "https://www.suse.com/security/cve/CVE-2018-16229"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16229",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16229"
},
{
"cve": "CVE-2018-16230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16230"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16230",
"url": "https://www.suse.com/security/cve/CVE-2018-16230"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16230",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16230"
},
{
"cve": "CVE-2018-16300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16300"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16300",
"url": "https://www.suse.com/security/cve/CVE-2018-16300"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16300",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "important"
}
],
"title": "CVE-2018-16300"
},
{
"cve": "CVE-2018-16301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16301"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16301",
"url": "https://www.suse.com/security/cve/CVE-2018-16301"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1153332 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "external",
"summary": "SUSE Bug 1195825 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1195825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "important"
}
],
"title": "CVE-2018-16301"
},
{
"cve": "CVE-2018-16451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16451"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16451",
"url": "https://www.suse.com/security/cve/CVE-2018-16451"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16451",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16451"
},
{
"cve": "CVE-2018-16452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16452"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16452",
"url": "https://www.suse.com/security/cve/CVE-2018-16452"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16452",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16452"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
},
{
"cve": "CVE-2019-15166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15166"
}
],
"notes": [
{
"category": "general",
"text": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15166",
"url": "https://www.suse.com/security/cve/CVE-2019-15166"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15166",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-15166"
},
{
"cve": "CVE-2019-15167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15167"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15167",
"url": "https://www.suse.com/security/cve/CVE-2019-15167"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15167",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-15167"
},
{
"cve": "CVE-2020-8037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8037"
}
],
"notes": [
{
"category": "general",
"text": "The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8037",
"url": "https://www.suse.com/security/cve/CVE-2020-8037"
},
{
"category": "external",
"summary": "SUSE Bug 1178466 for CVE-2020-8037",
"url": "https://bugzilla.suse.com/1178466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:tcpdump-4.9.2-14.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcpdump-4.9.2-14.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T12:41:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8037"
}
]
}
suse-su-2019:2674-1
Vulnerability from csaf_suse
Published
2019-10-15 14:53
Modified
2019-10-15 14:53
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).
- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).
- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).
- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).
Patchnames
SUSE-2019-2674,SUSE-SLE-Module-Basesystem-15-2019-2674,SUSE-SLE-Module-Basesystem-15-SP1-2019-2674
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2674,SUSE-SLE-Module-Basesystem-15-2019-2674,SUSE-SLE-Module-Basesystem-15-SP1-2019-2674",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2674-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2674-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192674-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2674-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-October/006020.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1153098",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "self",
"summary": "SUSE Bug 1153332",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14461 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14462 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14463 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14464 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14465 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14466 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14467 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16228 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16229 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16230 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16300 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16301 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16451 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16452 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15166 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15167 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15167/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-10-15T14:53:30Z",
"generator": {
"date": "2019-10-15T14:53:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2674-1",
"initial_release_date": "2019-10-15T14:53:30Z",
"revision_history": [
{
"date": "2019-10-15T14:53:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.9.1.aarch64",
"product": {
"name": "tcpdump-4.9.2-3.9.1.aarch64",
"product_id": "tcpdump-4.9.2-3.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.9.1.i586",
"product": {
"name": "tcpdump-4.9.2-3.9.1.i586",
"product_id": "tcpdump-4.9.2-3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.9.1.ppc64le",
"product": {
"name": "tcpdump-4.9.2-3.9.1.ppc64le",
"product_id": "tcpdump-4.9.2-3.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.9.1.s390x",
"product": {
"name": "tcpdump-4.9.2-3.9.1.s390x",
"product_id": "tcpdump-4.9.2-3.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.9.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-3.9.1.x86_64",
"product_id": "tcpdump-4.9.2-3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-3.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x"
},
"product_reference": "tcpdump-4.9.2-3.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-3.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x"
},
"product_reference": "tcpdump-4.9.2-3.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2018-10103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10103"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10103",
"url": "https://www.suse.com/security/cve/CVE-2018-10103"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10103",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-10103"
},
{
"cve": "CVE-2018-10105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10105"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10105",
"url": "https://www.suse.com/security/cve/CVE-2018-10105"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10105",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-10105"
},
{
"cve": "CVE-2018-14461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14461"
}
],
"notes": [
{
"category": "general",
"text": "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14461",
"url": "https://www.suse.com/security/cve/CVE-2018-14461"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14461",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14461"
},
{
"cve": "CVE-2018-14462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14462"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14462",
"url": "https://www.suse.com/security/cve/CVE-2018-14462"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14462",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14462"
},
{
"cve": "CVE-2018-14463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14463"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14463",
"url": "https://www.suse.com/security/cve/CVE-2018-14463"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14463",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14463"
},
{
"cve": "CVE-2018-14464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14464"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14464",
"url": "https://www.suse.com/security/cve/CVE-2018-14464"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14464",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14464"
},
{
"cve": "CVE-2018-14465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14465"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14465",
"url": "https://www.suse.com/security/cve/CVE-2018-14465"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14465",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14465"
},
{
"cve": "CVE-2018-14466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14466"
}
],
"notes": [
{
"category": "general",
"text": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14466",
"url": "https://www.suse.com/security/cve/CVE-2018-14466"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1166972 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1166972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14466"
},
{
"cve": "CVE-2018-14467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14467"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14467",
"url": "https://www.suse.com/security/cve/CVE-2018-14467"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14467",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14467"
},
{
"cve": "CVE-2018-14468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14468"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14468",
"url": "https://www.suse.com/security/cve/CVE-2018-14468"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14468",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14468"
},
{
"cve": "CVE-2018-14469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14469"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14469",
"url": "https://www.suse.com/security/cve/CVE-2018-14469"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14469",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14469"
},
{
"cve": "CVE-2018-14470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14470"
}
],
"notes": [
{
"category": "general",
"text": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14470",
"url": "https://www.suse.com/security/cve/CVE-2018-14470"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14470",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14470"
},
{
"cve": "CVE-2018-14879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14879"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14879",
"url": "https://www.suse.com/security/cve/CVE-2018-14879"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14879",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "low"
}
],
"title": "CVE-2018-14879"
},
{
"cve": "CVE-2018-14880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14880"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14880",
"url": "https://www.suse.com/security/cve/CVE-2018-14880"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14880",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14880"
},
{
"cve": "CVE-2018-14881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14881"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14881",
"url": "https://www.suse.com/security/cve/CVE-2018-14881"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14881",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14881"
},
{
"cve": "CVE-2018-14882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14882"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14882",
"url": "https://www.suse.com/security/cve/CVE-2018-14882"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14882",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-14882"
},
{
"cve": "CVE-2018-16227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16227"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16227",
"url": "https://www.suse.com/security/cve/CVE-2018-16227"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16227",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16227"
},
{
"cve": "CVE-2018-16228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16228"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16228",
"url": "https://www.suse.com/security/cve/CVE-2018-16228"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16228",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16228"
},
{
"cve": "CVE-2018-16229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16229"
}
],
"notes": [
{
"category": "general",
"text": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16229",
"url": "https://www.suse.com/security/cve/CVE-2018-16229"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16229",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16229"
},
{
"cve": "CVE-2018-16230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16230"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16230",
"url": "https://www.suse.com/security/cve/CVE-2018-16230"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16230",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16230"
},
{
"cve": "CVE-2018-16300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16300"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16300",
"url": "https://www.suse.com/security/cve/CVE-2018-16300"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16300",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "important"
}
],
"title": "CVE-2018-16300"
},
{
"cve": "CVE-2018-16301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16301"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16301",
"url": "https://www.suse.com/security/cve/CVE-2018-16301"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1153332 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "external",
"summary": "SUSE Bug 1195825 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1195825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "important"
}
],
"title": "CVE-2018-16301"
},
{
"cve": "CVE-2018-16451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16451"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16451",
"url": "https://www.suse.com/security/cve/CVE-2018-16451"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16451",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16451"
},
{
"cve": "CVE-2018-16452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16452"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16452",
"url": "https://www.suse.com/security/cve/CVE-2018-16452"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16452",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-16452"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
},
{
"cve": "CVE-2019-15166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15166"
}
],
"notes": [
{
"category": "general",
"text": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15166",
"url": "https://www.suse.com/security/cve/CVE-2019-15166"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15166",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2019-15166"
},
{
"cve": "CVE-2019-15167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15167"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15167",
"url": "https://www.suse.com/security/cve/CVE-2019-15167"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15167",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.9.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-15T14:53:30Z",
"details": "moderate"
}
],
"title": "CVE-2019-15167"
}
]
}
suse-su-2019:2088-1
Vulnerability from csaf_suse
Published
2019-08-07 16:17
Modified
2019-08-07 16:17
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).
Patchnames
SUSE-2019-2088,SUSE-SLE-DESKTOP-12-SP4-2019-2088,SUSE-SLE-SERVER-12-SP4-2019-2088
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2088,SUSE-SLE-DESKTOP-12-SP4-2019-2088,SUSE-SLE-SERVER-12-SP4-2019-2088",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2088-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2088-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192088-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2088-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-August/005799.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1142439",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-08-07T16:17:32Z",
"generator": {
"date": "2019-08-07T16:17:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2088-1",
"initial_release_date": "2019-08-07T16:17:32Z",
"revision_history": [
{
"date": "2019-08-07T16:17:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.aarch64",
"product": {
"name": "tcpdump-4.9.2-14.11.1.aarch64",
"product_id": "tcpdump-4.9.2-14.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.i586",
"product": {
"name": "tcpdump-4.9.2-14.11.1.i586",
"product_id": "tcpdump-4.9.2-14.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.ppc64le",
"product": {
"name": "tcpdump-4.9.2-14.11.1.ppc64le",
"product_id": "tcpdump-4.9.2-14.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.s390",
"product": {
"name": "tcpdump-4.9.2-14.11.1.s390",
"product_id": "tcpdump-4.9.2-14.11.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.s390x",
"product": {
"name": "tcpdump-4.9.2-14.11.1.s390x",
"product_id": "tcpdump-4.9.2-14.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.11.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-14.11.1.x86_64",
"product_id": "tcpdump-4.9.2-14.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-07T16:17:32Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:tcpdump-4.9.2-14.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:tcpdump-4.9.2-14.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-07T16:17:32Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
}
]
}
suse-su-2019:2087-1
Vulnerability from csaf_suse
Published
2019-08-07 16:16
Modified
2019-08-07 16:16
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).
Patchnames
SUSE-2019-2087,SUSE-SLE-Module-Basesystem-15-2019-2087,SUSE-SLE-Module-Basesystem-15-SP1-2019-2087
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2087,SUSE-SLE-Module-Basesystem-15-2019-2087,SUSE-SLE-Module-Basesystem-15-SP1-2019-2087",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2087-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2087-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192087-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2087-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-August/005800.html"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1142439",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-08-07T16:16:51Z",
"generator": {
"date": "2019-08-07T16:16:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2087-1",
"initial_release_date": "2019-08-07T16:16:51Z",
"revision_history": [
{
"date": "2019-08-07T16:16:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.6.1.aarch64",
"product": {
"name": "tcpdump-4.9.2-3.6.1.aarch64",
"product_id": "tcpdump-4.9.2-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.6.1.i586",
"product": {
"name": "tcpdump-4.9.2-3.6.1.i586",
"product_id": "tcpdump-4.9.2-3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.6.1.ppc64le",
"product": {
"name": "tcpdump-4.9.2-3.6.1.ppc64le",
"product_id": "tcpdump-4.9.2-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.6.1.s390x",
"product": {
"name": "tcpdump-4.9.2-3.6.1.s390x",
"product_id": "tcpdump-4.9.2-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-3.6.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-3.6.1.x86_64",
"product_id": "tcpdump-4.9.2-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x"
},
"product_reference": "tcpdump-4.9.2-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x"
},
"product_reference": "tcpdump-4.9.2-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-07T16:16:51Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:tcpdump-4.9.2-3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:tcpdump-4.9.2-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-07T16:16:51Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
}
]
}
ghsa-fj2x-3wgg-g9c7
Vulnerability from github
Published
2022-05-24 16:50
Modified
2024-04-04 01:19
Severity ?
VLAI Severity ?
Details
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
{
"affected": [],
"aliases": [
"CVE-2019-1010220"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-22T18:15:00Z",
"severity": "MODERATE"
},
"details": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"id": "GHSA-fj2x-3wgg-g9c7",
"modified": "2024-04-04T01:19:42Z",
"published": "2022-05-24T16:50:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010220"
},
{
"type": "WEB",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"type": "WEB",
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"type": "WEB",
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4252-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4252-2"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
opensuse-su-2019:2344-1
Vulnerability from csaf_opensuse
Published
2019-10-20 16:18
Modified
2019-10-20 16:18
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).
- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).
- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).
- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-2344
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2344",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2344-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2344-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MKQWXXAEJMKN6KVJXWDQTBKWQTVSGWAA/#MKQWXXAEJMKN6KVJXWDQTBKWQTVSGWAA"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2344-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MKQWXXAEJMKN6KVJXWDQTBKWQTVSGWAA/#MKQWXXAEJMKN6KVJXWDQTBKWQTVSGWAA"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1153098",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "self",
"summary": "SUSE Bug 1153332",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14461 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14462 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14463 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14464 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14465 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14466 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14467 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16228 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16229 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16230 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16300 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16301 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16451 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16452 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15166 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15167 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15167/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-10-20T16:18:13Z",
"generator": {
"date": "2019-10-20T16:18:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2344-1",
"initial_release_date": "2019-10-20T16:18:13Z",
"revision_history": [
{
"date": "2019-10-20T16:18:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-lp150.10.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-lp150.10.1.x86_64",
"product_id": "tcpdump-4.9.2-lp150.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-lp150.10.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-lp150.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2018-10103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10103"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10103",
"url": "https://www.suse.com/security/cve/CVE-2018-10103"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10103",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10103"
},
{
"cve": "CVE-2018-10105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10105"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10105",
"url": "https://www.suse.com/security/cve/CVE-2018-10105"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10105",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-10105"
},
{
"cve": "CVE-2018-14461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14461"
}
],
"notes": [
{
"category": "general",
"text": "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14461",
"url": "https://www.suse.com/security/cve/CVE-2018-14461"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14461",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14461"
},
{
"cve": "CVE-2018-14462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14462"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14462",
"url": "https://www.suse.com/security/cve/CVE-2018-14462"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14462",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14462"
},
{
"cve": "CVE-2018-14463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14463"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14463",
"url": "https://www.suse.com/security/cve/CVE-2018-14463"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14463",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14463"
},
{
"cve": "CVE-2018-14464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14464"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14464",
"url": "https://www.suse.com/security/cve/CVE-2018-14464"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14464",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14464"
},
{
"cve": "CVE-2018-14465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14465"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14465",
"url": "https://www.suse.com/security/cve/CVE-2018-14465"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14465",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14465"
},
{
"cve": "CVE-2018-14466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14466"
}
],
"notes": [
{
"category": "general",
"text": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14466",
"url": "https://www.suse.com/security/cve/CVE-2018-14466"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1166972 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1166972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14466"
},
{
"cve": "CVE-2018-14467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14467"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14467",
"url": "https://www.suse.com/security/cve/CVE-2018-14467"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14467",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14467"
},
{
"cve": "CVE-2018-14468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14468"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14468",
"url": "https://www.suse.com/security/cve/CVE-2018-14468"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14468",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14468"
},
{
"cve": "CVE-2018-14469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14469"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14469",
"url": "https://www.suse.com/security/cve/CVE-2018-14469"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14469",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14469"
},
{
"cve": "CVE-2018-14470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14470"
}
],
"notes": [
{
"category": "general",
"text": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14470",
"url": "https://www.suse.com/security/cve/CVE-2018-14470"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14470",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14470"
},
{
"cve": "CVE-2018-14879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14879"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14879",
"url": "https://www.suse.com/security/cve/CVE-2018-14879"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14879",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "low"
}
],
"title": "CVE-2018-14879"
},
{
"cve": "CVE-2018-14880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14880"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14880",
"url": "https://www.suse.com/security/cve/CVE-2018-14880"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14880",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14880"
},
{
"cve": "CVE-2018-14881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14881"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14881",
"url": "https://www.suse.com/security/cve/CVE-2018-14881"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14881",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14881"
},
{
"cve": "CVE-2018-14882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14882"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14882",
"url": "https://www.suse.com/security/cve/CVE-2018-14882"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14882",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-14882"
},
{
"cve": "CVE-2018-16227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16227"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16227",
"url": "https://www.suse.com/security/cve/CVE-2018-16227"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16227",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16227"
},
{
"cve": "CVE-2018-16228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16228"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16228",
"url": "https://www.suse.com/security/cve/CVE-2018-16228"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16228",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16228"
},
{
"cve": "CVE-2018-16229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16229"
}
],
"notes": [
{
"category": "general",
"text": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16229",
"url": "https://www.suse.com/security/cve/CVE-2018-16229"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16229",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16229"
},
{
"cve": "CVE-2018-16230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16230"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16230",
"url": "https://www.suse.com/security/cve/CVE-2018-16230"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16230",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16230"
},
{
"cve": "CVE-2018-16300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16300"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16300",
"url": "https://www.suse.com/security/cve/CVE-2018-16300"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16300",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "important"
}
],
"title": "CVE-2018-16300"
},
{
"cve": "CVE-2018-16301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16301"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16301",
"url": "https://www.suse.com/security/cve/CVE-2018-16301"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1153332 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "external",
"summary": "SUSE Bug 1195825 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1195825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "important"
}
],
"title": "CVE-2018-16301"
},
{
"cve": "CVE-2018-16451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16451"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16451",
"url": "https://www.suse.com/security/cve/CVE-2018-16451"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16451",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16451"
},
{
"cve": "CVE-2018-16452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16452"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16452",
"url": "https://www.suse.com/security/cve/CVE-2018-16452"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16452",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2018-16452"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
},
{
"cve": "CVE-2019-15166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15166"
}
],
"notes": [
{
"category": "general",
"text": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15166",
"url": "https://www.suse.com/security/cve/CVE-2019-15166"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15166",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2019-15166"
},
{
"cve": "CVE-2019-15167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15167"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15167",
"url": "https://www.suse.com/security/cve/CVE-2019-15167"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15167",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp150.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T16:18:13Z",
"details": "moderate"
}
],
"title": "CVE-2019-15167"
}
]
}
opensuse-su-2019:2348-1
Vulnerability from csaf_opensuse
Published
2019-10-20 18:19
Modified
2019-10-20 18:19
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).
- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).
- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).
- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-2348
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n- CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n- CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n- CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n- CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n- CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2348",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2348-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2348-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZPOIE2ZQZQ57X2YSWXD43L2MIX37I54G/#ZPOIE2ZQZQ57X2YSWXD43L2MIX37I54G"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2348-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZPOIE2ZQZQ57X2YSWXD43L2MIX37I54G/#ZPOIE2ZQZQ57X2YSWXD43L2MIX37I54G"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1153098",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "self",
"summary": "SUSE Bug 1153332",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14461 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14462 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14463 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14464 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14465 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14466 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14467 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16228 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16229 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16230 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16300 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16301 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16451 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16452 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15166 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15167 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15167/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-10-20T18:19:33Z",
"generator": {
"date": "2019-10-20T18:19:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2348-1",
"initial_release_date": "2019-10-20T18:19:33Z",
"revision_history": [
{
"date": "2019-10-20T18:19:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-lp151.4.6.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-lp151.4.6.1.x86_64",
"product_id": "tcpdump-4.9.2-lp151.4.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-lp151.4.6.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-lp151.4.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2018-10103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10103"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10103",
"url": "https://www.suse.com/security/cve/CVE-2018-10103"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10103",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-10103"
},
{
"cve": "CVE-2018-10105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10105"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10105",
"url": "https://www.suse.com/security/cve/CVE-2018-10105"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10105",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-10105"
},
{
"cve": "CVE-2018-14461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14461"
}
],
"notes": [
{
"category": "general",
"text": "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14461",
"url": "https://www.suse.com/security/cve/CVE-2018-14461"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14461",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14461"
},
{
"cve": "CVE-2018-14462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14462"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14462",
"url": "https://www.suse.com/security/cve/CVE-2018-14462"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14462",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14462"
},
{
"cve": "CVE-2018-14463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14463"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14463",
"url": "https://www.suse.com/security/cve/CVE-2018-14463"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14463",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14463"
},
{
"cve": "CVE-2018-14464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14464"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14464",
"url": "https://www.suse.com/security/cve/CVE-2018-14464"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14464",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14464"
},
{
"cve": "CVE-2018-14465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14465"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14465",
"url": "https://www.suse.com/security/cve/CVE-2018-14465"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14465",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14465"
},
{
"cve": "CVE-2018-14466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14466"
}
],
"notes": [
{
"category": "general",
"text": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14466",
"url": "https://www.suse.com/security/cve/CVE-2018-14466"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1166972 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1166972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14466"
},
{
"cve": "CVE-2018-14467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14467"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14467",
"url": "https://www.suse.com/security/cve/CVE-2018-14467"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14467",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14467"
},
{
"cve": "CVE-2018-14468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14468"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14468",
"url": "https://www.suse.com/security/cve/CVE-2018-14468"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14468",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14468"
},
{
"cve": "CVE-2018-14469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14469"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14469",
"url": "https://www.suse.com/security/cve/CVE-2018-14469"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14469",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14469"
},
{
"cve": "CVE-2018-14470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14470"
}
],
"notes": [
{
"category": "general",
"text": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14470",
"url": "https://www.suse.com/security/cve/CVE-2018-14470"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14470",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14470"
},
{
"cve": "CVE-2018-14879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14879"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14879",
"url": "https://www.suse.com/security/cve/CVE-2018-14879"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14879",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "low"
}
],
"title": "CVE-2018-14879"
},
{
"cve": "CVE-2018-14880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14880"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14880",
"url": "https://www.suse.com/security/cve/CVE-2018-14880"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14880",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14880"
},
{
"cve": "CVE-2018-14881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14881"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14881",
"url": "https://www.suse.com/security/cve/CVE-2018-14881"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14881",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14881"
},
{
"cve": "CVE-2018-14882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14882"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14882",
"url": "https://www.suse.com/security/cve/CVE-2018-14882"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14882",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-14882"
},
{
"cve": "CVE-2018-16227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16227"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16227",
"url": "https://www.suse.com/security/cve/CVE-2018-16227"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16227",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16227"
},
{
"cve": "CVE-2018-16228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16228"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16228",
"url": "https://www.suse.com/security/cve/CVE-2018-16228"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16228",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16228"
},
{
"cve": "CVE-2018-16229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16229"
}
],
"notes": [
{
"category": "general",
"text": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16229",
"url": "https://www.suse.com/security/cve/CVE-2018-16229"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16229",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16229"
},
{
"cve": "CVE-2018-16230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16230"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16230",
"url": "https://www.suse.com/security/cve/CVE-2018-16230"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16230",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16230"
},
{
"cve": "CVE-2018-16300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16300"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16300",
"url": "https://www.suse.com/security/cve/CVE-2018-16300"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16300",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "important"
}
],
"title": "CVE-2018-16300"
},
{
"cve": "CVE-2018-16301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16301"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16301",
"url": "https://www.suse.com/security/cve/CVE-2018-16301"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1153332 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "external",
"summary": "SUSE Bug 1195825 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1195825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "important"
}
],
"title": "CVE-2018-16301"
},
{
"cve": "CVE-2018-16451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16451"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16451",
"url": "https://www.suse.com/security/cve/CVE-2018-16451"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16451",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16451"
},
{
"cve": "CVE-2018-16452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16452"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16452",
"url": "https://www.suse.com/security/cve/CVE-2018-16452"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16452",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2018-16452"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
},
{
"cve": "CVE-2019-15166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15166"
}
],
"notes": [
{
"category": "general",
"text": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15166",
"url": "https://www.suse.com/security/cve/CVE-2019-15166"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15166",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2019-15166"
},
{
"cve": "CVE-2019-15167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15167"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15167",
"url": "https://www.suse.com/security/cve/CVE-2019-15167"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15167",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-20T18:19:33Z",
"details": "moderate"
}
],
"title": "CVE-2019-15167"
}
]
}
opensuse-su-2024:11425-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
tcpdump-4.99.1-1.2 on GA media
Notes
Title of the patch
tcpdump-4.99.1-1.2 on GA media
Description of the patch
These are all security issues fixed in the tcpdump-4.99.1-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11425
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "tcpdump-4.99.1-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the tcpdump-4.99.1-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11425",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11425-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7922 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7923 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7924 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7925 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7926 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7927 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7928 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7929 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7930 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7931 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7932 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7933 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7934 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7935 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7936 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7937 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7938 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7939 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7940 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7973 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7974 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7975 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7983 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7984 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7985 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7986 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7992 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7993 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8574 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8575 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11108 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11541 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11542 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11543 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12893 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12894 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12895 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12896 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12898 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12899 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12900 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12901 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12902 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12985 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12987 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12988 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12989 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12990 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12991 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12992 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12993 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12994 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12995 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12996 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12997 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12998 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12999 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13000 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13001 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13002 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13003 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13004 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13005 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13006 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13007 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13008 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13009 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13010 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13011 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13012 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13013 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13014 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13015 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13016 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13017 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13018 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13019 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13020 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13021 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13022 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13023 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13024 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13025 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13026 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13027 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13028 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13029 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13030 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13031 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13032 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13033 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13034 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13035 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13036 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13037 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13038 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13039 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13040 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13041 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13042 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13043 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13044 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13045 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13046 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13047 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13048 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13049 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13050 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13051 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13052 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13053 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13054 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13055 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13687 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13688 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13689 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13690 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13725 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5202 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5203 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5204 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5205 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5341 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5342 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5482 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5483 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5484 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5485 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5486 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14461 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14462 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14463 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14464 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14465 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14466 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14467 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14468 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14470 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16227 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16228 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16229 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16230 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16300 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16301 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16451 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16452 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19519 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15166 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15167 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8037 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8037/"
}
],
"title": "tcpdump-4.99.1-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11425-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.99.1-1.2.aarch64",
"product": {
"name": "tcpdump-4.99.1-1.2.aarch64",
"product_id": "tcpdump-4.99.1-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.99.1-1.2.ppc64le",
"product": {
"name": "tcpdump-4.99.1-1.2.ppc64le",
"product_id": "tcpdump-4.99.1-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.99.1-1.2.s390x",
"product": {
"name": "tcpdump-4.99.1-1.2.s390x",
"product_id": "tcpdump-4.99.1-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.99.1-1.2.x86_64",
"product": {
"name": "tcpdump-4.99.1-1.2.x86_64",
"product_id": "tcpdump-4.99.1-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.99.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64"
},
"product_reference": "tcpdump-4.99.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.99.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le"
},
"product_reference": "tcpdump-4.99.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.99.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x"
},
"product_reference": "tcpdump-4.99.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.99.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
},
"product_reference": "tcpdump-4.99.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7922"
}
],
"notes": [
{
"category": "general",
"text": "The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7922",
"url": "https://www.suse.com/security/cve/CVE-2016-7922"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7922",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7922"
},
{
"cve": "CVE-2016-7923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7923"
}
],
"notes": [
{
"category": "general",
"text": "The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7923",
"url": "https://www.suse.com/security/cve/CVE-2016-7923"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7923",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7923"
},
{
"cve": "CVE-2016-7924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7924"
}
],
"notes": [
{
"category": "general",
"text": "The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7924",
"url": "https://www.suse.com/security/cve/CVE-2016-7924"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7924",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7924"
},
{
"cve": "CVE-2016-7925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7925"
}
],
"notes": [
{
"category": "general",
"text": "The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7925",
"url": "https://www.suse.com/security/cve/CVE-2016-7925"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7925",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7925"
},
{
"cve": "CVE-2016-7926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7926"
}
],
"notes": [
{
"category": "general",
"text": "The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7926",
"url": "https://www.suse.com/security/cve/CVE-2016-7926"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7926",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7926"
},
{
"cve": "CVE-2016-7927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7927"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7927",
"url": "https://www.suse.com/security/cve/CVE-2016-7927"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7927",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7927"
},
{
"cve": "CVE-2016-7928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7928"
}
],
"notes": [
{
"category": "general",
"text": "The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7928",
"url": "https://www.suse.com/security/cve/CVE-2016-7928"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7928",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7928"
},
{
"cve": "CVE-2016-7929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7929"
}
],
"notes": [
{
"category": "general",
"text": "The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7929",
"url": "https://www.suse.com/security/cve/CVE-2016-7929"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7929",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7929"
},
{
"cve": "CVE-2016-7930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7930"
}
],
"notes": [
{
"category": "general",
"text": "The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7930",
"url": "https://www.suse.com/security/cve/CVE-2016-7930"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7930",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7930"
},
{
"cve": "CVE-2016-7931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7931"
}
],
"notes": [
{
"category": "general",
"text": "The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7931",
"url": "https://www.suse.com/security/cve/CVE-2016-7931"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7931",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7931"
},
{
"cve": "CVE-2016-7932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7932"
}
],
"notes": [
{
"category": "general",
"text": "The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7932",
"url": "https://www.suse.com/security/cve/CVE-2016-7932"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7932",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7932"
},
{
"cve": "CVE-2016-7933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7933"
}
],
"notes": [
{
"category": "general",
"text": "The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7933",
"url": "https://www.suse.com/security/cve/CVE-2016-7933"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7933",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7933"
},
{
"cve": "CVE-2016-7934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7934"
}
],
"notes": [
{
"category": "general",
"text": "The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7934",
"url": "https://www.suse.com/security/cve/CVE-2016-7934"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7934",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7934"
},
{
"cve": "CVE-2016-7935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7935"
}
],
"notes": [
{
"category": "general",
"text": "The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7935",
"url": "https://www.suse.com/security/cve/CVE-2016-7935"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7935",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7935"
},
{
"cve": "CVE-2016-7936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7936"
}
],
"notes": [
{
"category": "general",
"text": "The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7936",
"url": "https://www.suse.com/security/cve/CVE-2016-7936"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7936",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7936"
},
{
"cve": "CVE-2016-7937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7937"
}
],
"notes": [
{
"category": "general",
"text": "The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7937",
"url": "https://www.suse.com/security/cve/CVE-2016-7937"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7937",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7937"
},
{
"cve": "CVE-2016-7938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7938"
}
],
"notes": [
{
"category": "general",
"text": "The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7938",
"url": "https://www.suse.com/security/cve/CVE-2016-7938"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7938",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7938"
},
{
"cve": "CVE-2016-7939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7939"
}
],
"notes": [
{
"category": "general",
"text": "The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7939",
"url": "https://www.suse.com/security/cve/CVE-2016-7939"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7939",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7939"
},
{
"cve": "CVE-2016-7940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7940"
}
],
"notes": [
{
"category": "general",
"text": "The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7940",
"url": "https://www.suse.com/security/cve/CVE-2016-7940"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7940",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7940"
},
{
"cve": "CVE-2016-7973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7973"
}
],
"notes": [
{
"category": "general",
"text": "The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7973",
"url": "https://www.suse.com/security/cve/CVE-2016-7973"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7973",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7973"
},
{
"cve": "CVE-2016-7974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7974"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7974",
"url": "https://www.suse.com/security/cve/CVE-2016-7974"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7974",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7974"
},
{
"cve": "CVE-2016-7975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7975"
}
],
"notes": [
{
"category": "general",
"text": "The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7975",
"url": "https://www.suse.com/security/cve/CVE-2016-7975"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7975",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7975"
},
{
"cve": "CVE-2016-7983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7983"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7983",
"url": "https://www.suse.com/security/cve/CVE-2016-7983"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7983",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7983"
},
{
"cve": "CVE-2016-7984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7984"
}
],
"notes": [
{
"category": "general",
"text": "The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7984",
"url": "https://www.suse.com/security/cve/CVE-2016-7984"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7984",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7984"
},
{
"cve": "CVE-2016-7985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7985"
}
],
"notes": [
{
"category": "general",
"text": "The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7985",
"url": "https://www.suse.com/security/cve/CVE-2016-7985"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7985",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7985"
},
{
"cve": "CVE-2016-7986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7986"
}
],
"notes": [
{
"category": "general",
"text": "The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7986",
"url": "https://www.suse.com/security/cve/CVE-2016-7986"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7986",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7986"
},
{
"cve": "CVE-2016-7992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7992"
}
],
"notes": [
{
"category": "general",
"text": "The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7992",
"url": "https://www.suse.com/security/cve/CVE-2016-7992"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7992",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7992"
},
{
"cve": "CVE-2016-7993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7993"
}
],
"notes": [
{
"category": "general",
"text": "A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7993",
"url": "https://www.suse.com/security/cve/CVE-2016-7993"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7993",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7993"
},
{
"cve": "CVE-2016-8574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8574"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8574",
"url": "https://www.suse.com/security/cve/CVE-2016-8574"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-8574",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-8574"
},
{
"cve": "CVE-2016-8575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8575"
}
],
"notes": [
{
"category": "general",
"text": "The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8575",
"url": "https://www.suse.com/security/cve/CVE-2016-8575"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-8575",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-8575"
},
{
"cve": "CVE-2017-11108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11108"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11108",
"url": "https://www.suse.com/security/cve/CVE-2017-11108"
},
{
"category": "external",
"summary": "SUSE Bug 1047873 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1047873"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-11108"
},
{
"cve": "CVE-2017-11541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11541"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11541",
"url": "https://www.suse.com/security/cve/CVE-2017-11541"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-11541"
},
{
"cve": "CVE-2017-11542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11542"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11542",
"url": "https://www.suse.com/security/cve/CVE-2017-11542"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-11542"
},
{
"cve": "CVE-2017-11543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11543"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11543",
"url": "https://www.suse.com/security/cve/CVE-2017-11543"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-11543"
},
{
"cve": "CVE-2017-12893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12893"
}
],
"notes": [
{
"category": "general",
"text": "The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12893",
"url": "https://www.suse.com/security/cve/CVE-2017-12893"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12893"
},
{
"cve": "CVE-2017-12894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12894"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12894",
"url": "https://www.suse.com/security/cve/CVE-2017-12894"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12894"
},
{
"cve": "CVE-2017-12895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12895"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12895",
"url": "https://www.suse.com/security/cve/CVE-2017-12895"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12895"
},
{
"cve": "CVE-2017-12896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12896"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12896",
"url": "https://www.suse.com/security/cve/CVE-2017-12896"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12896"
},
{
"cve": "CVE-2017-12897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12897"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12897",
"url": "https://www.suse.com/security/cve/CVE-2017-12897"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12897"
},
{
"cve": "CVE-2017-12898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12898"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12898",
"url": "https://www.suse.com/security/cve/CVE-2017-12898"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12898"
},
{
"cve": "CVE-2017-12899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12899"
}
],
"notes": [
{
"category": "general",
"text": "The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12899",
"url": "https://www.suse.com/security/cve/CVE-2017-12899"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12899"
},
{
"cve": "CVE-2017-12900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12900"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12900",
"url": "https://www.suse.com/security/cve/CVE-2017-12900"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12900"
},
{
"cve": "CVE-2017-12901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12901"
}
],
"notes": [
{
"category": "general",
"text": "The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12901",
"url": "https://www.suse.com/security/cve/CVE-2017-12901"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12901"
},
{
"cve": "CVE-2017-12902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12902"
}
],
"notes": [
{
"category": "general",
"text": "The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12902",
"url": "https://www.suse.com/security/cve/CVE-2017-12902"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12902"
},
{
"cve": "CVE-2017-12985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12985"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12985",
"url": "https://www.suse.com/security/cve/CVE-2017-12985"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12985"
},
{
"cve": "CVE-2017-12986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12986"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12986",
"url": "https://www.suse.com/security/cve/CVE-2017-12986"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12986"
},
{
"cve": "CVE-2017-12987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12987"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12987",
"url": "https://www.suse.com/security/cve/CVE-2017-12987"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12987"
},
{
"cve": "CVE-2017-12988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12988"
}
],
"notes": [
{
"category": "general",
"text": "The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12988",
"url": "https://www.suse.com/security/cve/CVE-2017-12988"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12988"
},
{
"cve": "CVE-2017-12989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12989"
}
],
"notes": [
{
"category": "general",
"text": "The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12989",
"url": "https://www.suse.com/security/cve/CVE-2017-12989"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12989"
},
{
"cve": "CVE-2017-12990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12990"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12990",
"url": "https://www.suse.com/security/cve/CVE-2017-12990"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12990"
},
{
"cve": "CVE-2017-12991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12991"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12991",
"url": "https://www.suse.com/security/cve/CVE-2017-12991"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12991"
},
{
"cve": "CVE-2017-12992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12992"
}
],
"notes": [
{
"category": "general",
"text": "The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12992",
"url": "https://www.suse.com/security/cve/CVE-2017-12992"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12992"
},
{
"cve": "CVE-2017-12993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12993"
}
],
"notes": [
{
"category": "general",
"text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12993",
"url": "https://www.suse.com/security/cve/CVE-2017-12993"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12993"
},
{
"cve": "CVE-2017-12994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12994"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12994",
"url": "https://www.suse.com/security/cve/CVE-2017-12994"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12994"
},
{
"cve": "CVE-2017-12995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12995"
}
],
"notes": [
{
"category": "general",
"text": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12995",
"url": "https://www.suse.com/security/cve/CVE-2017-12995"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12995"
},
{
"cve": "CVE-2017-12996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12996"
}
],
"notes": [
{
"category": "general",
"text": "The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12996",
"url": "https://www.suse.com/security/cve/CVE-2017-12996"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12996"
},
{
"cve": "CVE-2017-12997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12997"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12997",
"url": "https://www.suse.com/security/cve/CVE-2017-12997"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12997"
},
{
"cve": "CVE-2017-12998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12998"
}
],
"notes": [
{
"category": "general",
"text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12998",
"url": "https://www.suse.com/security/cve/CVE-2017-12998"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12998"
},
{
"cve": "CVE-2017-12999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12999"
}
],
"notes": [
{
"category": "general",
"text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12999",
"url": "https://www.suse.com/security/cve/CVE-2017-12999"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12999"
},
{
"cve": "CVE-2017-13000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13000"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13000",
"url": "https://www.suse.com/security/cve/CVE-2017-13000"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13000"
},
{
"cve": "CVE-2017-13001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13001"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13001",
"url": "https://www.suse.com/security/cve/CVE-2017-13001"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13001"
},
{
"cve": "CVE-2017-13002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13002"
}
],
"notes": [
{
"category": "general",
"text": "The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13002",
"url": "https://www.suse.com/security/cve/CVE-2017-13002"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13002"
},
{
"cve": "CVE-2017-13003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13003"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13003",
"url": "https://www.suse.com/security/cve/CVE-2017-13003"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13003"
},
{
"cve": "CVE-2017-13004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13004"
}
],
"notes": [
{
"category": "general",
"text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13004",
"url": "https://www.suse.com/security/cve/CVE-2017-13004"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13004"
},
{
"cve": "CVE-2017-13005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13005"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13005",
"url": "https://www.suse.com/security/cve/CVE-2017-13005"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13005"
},
{
"cve": "CVE-2017-13006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13006"
}
],
"notes": [
{
"category": "general",
"text": "The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13006",
"url": "https://www.suse.com/security/cve/CVE-2017-13006"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13006"
},
{
"cve": "CVE-2017-13007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13007"
}
],
"notes": [
{
"category": "general",
"text": "The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13007",
"url": "https://www.suse.com/security/cve/CVE-2017-13007"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13007"
},
{
"cve": "CVE-2017-13008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13008"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13008",
"url": "https://www.suse.com/security/cve/CVE-2017-13008"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13008"
},
{
"cve": "CVE-2017-13009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13009"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13009",
"url": "https://www.suse.com/security/cve/CVE-2017-13009"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13009"
},
{
"cve": "CVE-2017-13010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13010"
}
],
"notes": [
{
"category": "general",
"text": "The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13010",
"url": "https://www.suse.com/security/cve/CVE-2017-13010"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13010"
},
{
"cve": "CVE-2017-13011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13011"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13011",
"url": "https://www.suse.com/security/cve/CVE-2017-13011"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13011"
},
{
"cve": "CVE-2017-13012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13012"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13012",
"url": "https://www.suse.com/security/cve/CVE-2017-13012"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13012"
},
{
"cve": "CVE-2017-13013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13013"
}
],
"notes": [
{
"category": "general",
"text": "The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13013",
"url": "https://www.suse.com/security/cve/CVE-2017-13013"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13013"
},
{
"cve": "CVE-2017-13014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13014"
}
],
"notes": [
{
"category": "general",
"text": "The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13014",
"url": "https://www.suse.com/security/cve/CVE-2017-13014"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13014"
},
{
"cve": "CVE-2017-13015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13015"
}
],
"notes": [
{
"category": "general",
"text": "The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13015",
"url": "https://www.suse.com/security/cve/CVE-2017-13015"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13015"
},
{
"cve": "CVE-2017-13016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13016"
}
],
"notes": [
{
"category": "general",
"text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13016",
"url": "https://www.suse.com/security/cve/CVE-2017-13016"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13016"
},
{
"cve": "CVE-2017-13017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13017"
}
],
"notes": [
{
"category": "general",
"text": "The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13017",
"url": "https://www.suse.com/security/cve/CVE-2017-13017"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13017"
},
{
"cve": "CVE-2017-13018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13018"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13018",
"url": "https://www.suse.com/security/cve/CVE-2017-13018"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13018"
},
{
"cve": "CVE-2017-13019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13019"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13019",
"url": "https://www.suse.com/security/cve/CVE-2017-13019"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13019"
},
{
"cve": "CVE-2017-13020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13020"
}
],
"notes": [
{
"category": "general",
"text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13020",
"url": "https://www.suse.com/security/cve/CVE-2017-13020"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13020"
},
{
"cve": "CVE-2017-13021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13021"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13021",
"url": "https://www.suse.com/security/cve/CVE-2017-13021"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13021"
},
{
"cve": "CVE-2017-13022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13022"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13022",
"url": "https://www.suse.com/security/cve/CVE-2017-13022"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13022"
},
{
"cve": "CVE-2017-13023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13023"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13023",
"url": "https://www.suse.com/security/cve/CVE-2017-13023"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13023"
},
{
"cve": "CVE-2017-13024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13024"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13024",
"url": "https://www.suse.com/security/cve/CVE-2017-13024"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13024"
},
{
"cve": "CVE-2017-13025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13025"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13025",
"url": "https://www.suse.com/security/cve/CVE-2017-13025"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13025"
},
{
"cve": "CVE-2017-13026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13026"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13026",
"url": "https://www.suse.com/security/cve/CVE-2017-13026"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13026"
},
{
"cve": "CVE-2017-13027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13027"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13027",
"url": "https://www.suse.com/security/cve/CVE-2017-13027"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13027"
},
{
"cve": "CVE-2017-13028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13028"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13028",
"url": "https://www.suse.com/security/cve/CVE-2017-13028"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13028"
},
{
"cve": "CVE-2017-13029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13029"
}
],
"notes": [
{
"category": "general",
"text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13029",
"url": "https://www.suse.com/security/cve/CVE-2017-13029"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13029"
},
{
"cve": "CVE-2017-13030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13030"
}
],
"notes": [
{
"category": "general",
"text": "The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13030",
"url": "https://www.suse.com/security/cve/CVE-2017-13030"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13030"
},
{
"cve": "CVE-2017-13031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13031"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13031",
"url": "https://www.suse.com/security/cve/CVE-2017-13031"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13031"
},
{
"cve": "CVE-2017-13032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13032"
}
],
"notes": [
{
"category": "general",
"text": "The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13032",
"url": "https://www.suse.com/security/cve/CVE-2017-13032"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13032"
},
{
"cve": "CVE-2017-13033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13033"
}
],
"notes": [
{
"category": "general",
"text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13033",
"url": "https://www.suse.com/security/cve/CVE-2017-13033"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13033"
},
{
"cve": "CVE-2017-13034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13034"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13034",
"url": "https://www.suse.com/security/cve/CVE-2017-13034"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13034"
},
{
"cve": "CVE-2017-13035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13035"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13035",
"url": "https://www.suse.com/security/cve/CVE-2017-13035"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13035"
},
{
"cve": "CVE-2017-13036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13036"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13036",
"url": "https://www.suse.com/security/cve/CVE-2017-13036"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13036"
},
{
"cve": "CVE-2017-13037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13037"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13037",
"url": "https://www.suse.com/security/cve/CVE-2017-13037"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13037"
},
{
"cve": "CVE-2017-13038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13038"
}
],
"notes": [
{
"category": "general",
"text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13038",
"url": "https://www.suse.com/security/cve/CVE-2017-13038"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13038"
},
{
"cve": "CVE-2017-13039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13039"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13039",
"url": "https://www.suse.com/security/cve/CVE-2017-13039"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13039"
},
{
"cve": "CVE-2017-13040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13040"
}
],
"notes": [
{
"category": "general",
"text": "The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13040",
"url": "https://www.suse.com/security/cve/CVE-2017-13040"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13040"
},
{
"cve": "CVE-2017-13041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13041"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13041",
"url": "https://www.suse.com/security/cve/CVE-2017-13041"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13041"
},
{
"cve": "CVE-2017-13042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13042"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13042",
"url": "https://www.suse.com/security/cve/CVE-2017-13042"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13042"
},
{
"cve": "CVE-2017-13043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13043"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13043",
"url": "https://www.suse.com/security/cve/CVE-2017-13043"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13043"
},
{
"cve": "CVE-2017-13044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13044"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13044",
"url": "https://www.suse.com/security/cve/CVE-2017-13044"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13044"
},
{
"cve": "CVE-2017-13045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13045"
}
],
"notes": [
{
"category": "general",
"text": "The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13045",
"url": "https://www.suse.com/security/cve/CVE-2017-13045"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13045"
},
{
"cve": "CVE-2017-13046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13046"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13046",
"url": "https://www.suse.com/security/cve/CVE-2017-13046"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13046"
},
{
"cve": "CVE-2017-13047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13047"
}
],
"notes": [
{
"category": "general",
"text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13047",
"url": "https://www.suse.com/security/cve/CVE-2017-13047"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13047"
},
{
"cve": "CVE-2017-13048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13048"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13048",
"url": "https://www.suse.com/security/cve/CVE-2017-13048"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13048"
},
{
"cve": "CVE-2017-13049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13049"
}
],
"notes": [
{
"category": "general",
"text": "The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13049",
"url": "https://www.suse.com/security/cve/CVE-2017-13049"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13049"
},
{
"cve": "CVE-2017-13050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13050"
}
],
"notes": [
{
"category": "general",
"text": "The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13050",
"url": "https://www.suse.com/security/cve/CVE-2017-13050"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13050"
},
{
"cve": "CVE-2017-13051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13051"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13051",
"url": "https://www.suse.com/security/cve/CVE-2017-13051"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13051"
},
{
"cve": "CVE-2017-13052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13052"
}
],
"notes": [
{
"category": "general",
"text": "The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13052",
"url": "https://www.suse.com/security/cve/CVE-2017-13052"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13052"
},
{
"cve": "CVE-2017-13053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13053"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13053",
"url": "https://www.suse.com/security/cve/CVE-2017-13053"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13053"
},
{
"cve": "CVE-2017-13054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13054"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13054",
"url": "https://www.suse.com/security/cve/CVE-2017-13054"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13054"
},
{
"cve": "CVE-2017-13055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13055"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13055",
"url": "https://www.suse.com/security/cve/CVE-2017-13055"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13055"
},
{
"cve": "CVE-2017-13687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13687"
}
],
"notes": [
{
"category": "general",
"text": "The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13687",
"url": "https://www.suse.com/security/cve/CVE-2017-13687"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13687"
},
{
"cve": "CVE-2017-13688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13688"
}
],
"notes": [
{
"category": "general",
"text": "The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13688",
"url": "https://www.suse.com/security/cve/CVE-2017-13688"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13688"
},
{
"cve": "CVE-2017-13689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13689"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13689",
"url": "https://www.suse.com/security/cve/CVE-2017-13689"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13689"
},
{
"cve": "CVE-2017-13690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13690"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13690",
"url": "https://www.suse.com/security/cve/CVE-2017-13690"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13690"
},
{
"cve": "CVE-2017-13725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13725"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13725",
"url": "https://www.suse.com/security/cve/CVE-2017-13725"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-13725"
},
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2017-5202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5202"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5202",
"url": "https://www.suse.com/security/cve/CVE-2017-5202"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5202",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5202"
},
{
"cve": "CVE-2017-5203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5203"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5203",
"url": "https://www.suse.com/security/cve/CVE-2017-5203"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5203",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5203"
},
{
"cve": "CVE-2017-5204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5204"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5204",
"url": "https://www.suse.com/security/cve/CVE-2017-5204"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5204",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5204"
},
{
"cve": "CVE-2017-5205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5205"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5205",
"url": "https://www.suse.com/security/cve/CVE-2017-5205"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5205",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5205"
},
{
"cve": "CVE-2017-5341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5341"
}
],
"notes": [
{
"category": "general",
"text": "The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5341",
"url": "https://www.suse.com/security/cve/CVE-2017-5341"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5341",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5341"
},
{
"cve": "CVE-2017-5342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5342"
}
],
"notes": [
{
"category": "general",
"text": "In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5342",
"url": "https://www.suse.com/security/cve/CVE-2017-5342"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5342",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5342"
},
{
"cve": "CVE-2017-5482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5482"
}
],
"notes": [
{
"category": "general",
"text": "The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5482",
"url": "https://www.suse.com/security/cve/CVE-2017-5482"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5482",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5482"
},
{
"cve": "CVE-2017-5483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5483"
}
],
"notes": [
{
"category": "general",
"text": "The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5483",
"url": "https://www.suse.com/security/cve/CVE-2017-5483"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5483",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5483"
},
{
"cve": "CVE-2017-5484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5484"
}
],
"notes": [
{
"category": "general",
"text": "The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5484",
"url": "https://www.suse.com/security/cve/CVE-2017-5484"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5484",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5484"
},
{
"cve": "CVE-2017-5485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5485"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5485",
"url": "https://www.suse.com/security/cve/CVE-2017-5485"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5485",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5485"
},
{
"cve": "CVE-2017-5486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5486"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5486",
"url": "https://www.suse.com/security/cve/CVE-2017-5486"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5486",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-5486"
},
{
"cve": "CVE-2018-10103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10103"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10103",
"url": "https://www.suse.com/security/cve/CVE-2018-10103"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10103",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10103"
},
{
"cve": "CVE-2018-10105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10105"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10105",
"url": "https://www.suse.com/security/cve/CVE-2018-10105"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-10105",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10105"
},
{
"cve": "CVE-2018-14461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14461"
}
],
"notes": [
{
"category": "general",
"text": "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14461",
"url": "https://www.suse.com/security/cve/CVE-2018-14461"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14461",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14461"
},
{
"cve": "CVE-2018-14462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14462"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14462",
"url": "https://www.suse.com/security/cve/CVE-2018-14462"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14462",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14462"
},
{
"cve": "CVE-2018-14463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14463"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14463",
"url": "https://www.suse.com/security/cve/CVE-2018-14463"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14463",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14463"
},
{
"cve": "CVE-2018-14464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14464"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14464",
"url": "https://www.suse.com/security/cve/CVE-2018-14464"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14464",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14464"
},
{
"cve": "CVE-2018-14465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14465"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14465",
"url": "https://www.suse.com/security/cve/CVE-2018-14465"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14465",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14465"
},
{
"cve": "CVE-2018-14466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14466"
}
],
"notes": [
{
"category": "general",
"text": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14466",
"url": "https://www.suse.com/security/cve/CVE-2018-14466"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1166972 for CVE-2018-14466",
"url": "https://bugzilla.suse.com/1166972"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14466"
},
{
"cve": "CVE-2018-14467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14467"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14467",
"url": "https://www.suse.com/security/cve/CVE-2018-14467"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14467",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14467"
},
{
"cve": "CVE-2018-14468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14468"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14468",
"url": "https://www.suse.com/security/cve/CVE-2018-14468"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14468",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14468"
},
{
"cve": "CVE-2018-14469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14469"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14469",
"url": "https://www.suse.com/security/cve/CVE-2018-14469"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14469",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14469"
},
{
"cve": "CVE-2018-14470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14470"
}
],
"notes": [
{
"category": "general",
"text": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14470",
"url": "https://www.suse.com/security/cve/CVE-2018-14470"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14470",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14470"
},
{
"cve": "CVE-2018-14879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14879"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14879",
"url": "https://www.suse.com/security/cve/CVE-2018-14879"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14879",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-14879"
},
{
"cve": "CVE-2018-14880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14880"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14880",
"url": "https://www.suse.com/security/cve/CVE-2018-14880"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14880",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14880"
},
{
"cve": "CVE-2018-14881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14881"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14881",
"url": "https://www.suse.com/security/cve/CVE-2018-14881"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14881",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14881"
},
{
"cve": "CVE-2018-14882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14882"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14882",
"url": "https://www.suse.com/security/cve/CVE-2018-14882"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-14882",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14882"
},
{
"cve": "CVE-2018-16227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16227"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16227",
"url": "https://www.suse.com/security/cve/CVE-2018-16227"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16227",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16227"
},
{
"cve": "CVE-2018-16228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16228"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16228",
"url": "https://www.suse.com/security/cve/CVE-2018-16228"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16228",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16228"
},
{
"cve": "CVE-2018-16229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16229"
}
],
"notes": [
{
"category": "general",
"text": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16229",
"url": "https://www.suse.com/security/cve/CVE-2018-16229"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16229",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16229"
},
{
"cve": "CVE-2018-16230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16230"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16230",
"url": "https://www.suse.com/security/cve/CVE-2018-16230"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16230",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16230"
},
{
"cve": "CVE-2018-16300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16300"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16300",
"url": "https://www.suse.com/security/cve/CVE-2018-16300"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16300",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-16300"
},
{
"cve": "CVE-2018-16301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16301"
}
],
"notes": [
{
"category": "general",
"text": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16301",
"url": "https://www.suse.com/security/cve/CVE-2018-16301"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153098"
},
{
"category": "external",
"summary": "SUSE Bug 1153332 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1153332"
},
{
"category": "external",
"summary": "SUSE Bug 1195825 for CVE-2018-16301",
"url": "https://bugzilla.suse.com/1195825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-16301"
},
{
"cve": "CVE-2018-16451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16451"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16451",
"url": "https://www.suse.com/security/cve/CVE-2018-16451"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16451",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16451"
},
{
"cve": "CVE-2018-16452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16452"
}
],
"notes": [
{
"category": "general",
"text": "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16452",
"url": "https://www.suse.com/security/cve/CVE-2018-16452"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2018-16452",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-16452"
},
{
"cve": "CVE-2018-19519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19519"
}
],
"notes": [
{
"category": "general",
"text": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19519",
"url": "https://www.suse.com/security/cve/CVE-2018-19519"
},
{
"category": "external",
"summary": "SUSE Bug 1117267 for CVE-2018-19519",
"url": "https://bugzilla.suse.com/1117267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-19519"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
},
{
"cve": "CVE-2019-15166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15166"
}
],
"notes": [
{
"category": "general",
"text": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15166",
"url": "https://www.suse.com/security/cve/CVE-2019-15166"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15166",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-15166"
},
{
"cve": "CVE-2019-15167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15167"
}
],
"notes": [
{
"category": "general",
"text": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15167",
"url": "https://www.suse.com/security/cve/CVE-2019-15167"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-15167",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-15167"
},
{
"cve": "CVE-2020-8037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8037"
}
],
"notes": [
{
"category": "general",
"text": "The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8037",
"url": "https://www.suse.com/security/cve/CVE-2020-8037"
},
{
"category": "external",
"summary": "SUSE Bug 1178466 for CVE-2020-8037",
"url": "https://bugzilla.suse.com/1178466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.aarch64",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.ppc64le",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.s390x",
"openSUSE Tumbleweed:tcpdump-4.99.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8037"
}
]
}
opensuse-su-2019:1964-1
Vulnerability from csaf_opensuse
Published
2019-08-20 10:56
Modified
2019-08-20 10:56
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-1964
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-1010220: Fixed a buffer over-read in print_prefix() which may expose data (bsc#1142439).\n- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print() and lookup_emem() (bsc#1068716).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1964",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1964-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1964-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4VLIEZJL2QEPKCED2PAQPK5ATCJVUIOA/#4VLIEZJL2QEPKCED2PAQPK5ATCJVUIOA"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1964-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4VLIEZJL2QEPKCED2PAQPK5ATCJVUIOA/#4VLIEZJL2QEPKCED2PAQPK5ATCJVUIOA"
},
{
"category": "self",
"summary": "SUSE Bug 1068716",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "self",
"summary": "SUSE Bug 1142439",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16808 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-1010220 page",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2019-08-20T10:56:53Z",
"generator": {
"date": "2019-08-20T10:56:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1964-1",
"initial_release_date": "2019-08-20T10:56:53Z",
"revision_history": [
{
"date": "2019-08-20T10:56:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-lp151.4.3.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-lp151.4.3.1.x86_64",
"product_id": "tcpdump-4.9.2-lp151.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-lp151.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-lp151.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16808"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16808",
"url": "https://www.suse.com/security/cve/CVE-2017-16808"
},
{
"category": "external",
"summary": "SUSE Bug 1068716 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1068716"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2017-16808",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-20T10:56:53Z",
"details": "important"
}
],
"title": "CVE-2017-16808"
},
{
"cve": "CVE-2019-1010220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-1010220"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-1010220",
"url": "https://www.suse.com/security/cve/CVE-2019-1010220"
},
{
"category": "external",
"summary": "SUSE Bug 1142439 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1142439"
},
{
"category": "external",
"summary": "SUSE Bug 1153098 for CVE-2019-1010220",
"url": "https://bugzilla.suse.com/1153098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:tcpdump-4.9.2-lp151.4.3.1.x86_64",
"openSUSE Leap 15.1:tcpdump-4.9.2-lp151.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-08-20T10:56:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-1010220"
}
]
}
cnvd-2019-24006
Vulnerability from cnvd
Title
tcpdump缓冲区溢出漏洞(CNVD-2019-24006)
Description
tcpdump是Tcpdump团队的一套运行在命令行下的嗅探工具。该工具主要用于数据包分析和网络流量捕获等。
tcpdump 4.9.2版本中存在缓冲区溢出漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。
Severity
中
VLAI Severity ?
Formal description
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: https://www.tcpdump.org/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-1010220
Impacted products
| Name | Tcpdump tcpdump 4.9.2 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-1010220"
}
},
"description": "tcpdump\u662fTcpdump\u56e2\u961f\u7684\u4e00\u5957\u8fd0\u884c\u5728\u547d\u4ee4\u884c\u4e0b\u7684\u55c5\u63a2\u5de5\u5177\u3002\u8be5\u5de5\u5177\u4e3b\u8981\u7528\u4e8e\u6570\u636e\u5305\u5206\u6790\u548c\u7f51\u7edc\u6d41\u91cf\u6355\u83b7\u7b49\u3002\n\ntcpdump 4.9.2\u7248\u672c\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u5185\u5b58\u4e0a\u6267\u884c\u64cd\u4f5c\u65f6\uff0c\u672a\u6b63\u786e\u9a8c\u8bc1\u6570\u636e\u8fb9\u754c\uff0c\u5bfc\u81f4\u5411\u5173\u8054\u7684\u5176\u4ed6\u5185\u5b58\u4f4d\u7f6e\u4e0a\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bfb\u5199\u64cd\u4f5c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
"discovererName": "unKnow",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttps://www.tcpdump.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-24006",
"openTime": "2019-07-24",
"products": {
"product": "Tcpdump tcpdump 4.9.2"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-1010220",
"serverity": "\u4e2d",
"submitTime": "2019-07-24",
"title": "tcpdump\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2019-24006\uff09"
}
fkie_cve-2019-1010220
Vulnerability from fkie_nvd
Published
2019-07-22 18:15
Modified
2024-11-21 04:18
Severity ?
Summary
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
References
| URL | Tags | ||
|---|---|---|---|
| josh@bress.net | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html | ||
| josh@bress.net | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html | ||
| josh@bress.net | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html | ||
| josh@bress.net | https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c | Patch, Third Party Advisory | |
| josh@bress.net | https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c | Patch, Third Party Advisory | |
| josh@bress.net | https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c | Patch, Third Party Advisory | |
| josh@bress.net | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/ | ||
| josh@bress.net | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/ | ||
| josh@bress.net | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/ | ||
| josh@bress.net | https://usn.ubuntu.com/4252-1/ | ||
| josh@bress.net | https://usn.ubuntu.com/4252-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4252-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4252-2/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FBA366-800E-4163-8E22-A652750C4F28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: \"ND_PRINT((ndo, \"%s\", buf));\", in function named \"print_prefix\", in \"print-hncp.c\". The attack vector is: The victim must open a specially crafted pcap file."
},
{
"lang": "es",
"value": "tcpdump de tcpdump.org versi\u00f3n 4.9.2 est\u00e1 afectado por: CWE-126: Sobrecarga del B\u00fafer. El impacto es: puede exponer el Puntero Frame Guardado, la Direcci\u00f3n de Retorno, etc. en la pila. El componente es: l\u00ednea 234: \"ND_PRINT((ndo,\"% s\",buf));\", en la funci\u00f3n llamada \"print_prefix\", en el archivo \"print-hncp.c\". El vector de ataque es: La v\u00edctima necesita abrir un archivo pcap especialmente dise\u00f1ado."
}
],
"id": "CVE-2019-1010220",
"lastModified": "2024-11-21T04:18:03.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-22T18:15:11.027",
"references": [
{
"source": "josh@bress.net",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"source": "josh@bress.net",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"source": "josh@bress.net",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"source": "josh@bress.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"source": "josh@bress.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"source": "josh@bress.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"source": "josh@bress.net",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"source": "josh@bress.net",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"source": "josh@bress.net",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"source": "josh@bress.net",
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"source": "josh@bress.net",
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4252-2/"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "josh@bress.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…