Bug 2274792 (CVE-2024-2397)

Summary: CVE-2024-2397 tcpdump: Crafted .pcap file may lead to Denial of Service
Product: [Other] Security Response Reporter: Marco Benatto <mbenatto>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: hkataria, kshier
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in tcpdump. Trying to print content from a maliciously crafted .pcap file may lead to an infinite loop, resulting in a denial of service. This issue is considered low severity; for a successful attack to happen, a user must open a crafted file, and it will only crash a single user's execution of tcpdump.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2274793    
Bug Blocks: 2274794    

Description Marco Benatto 2024-04-12 19:36:29 UTC 
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile.  This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2
Comment 1 Marco Benatto 2024-04-12 19:36:42 UTC 
Created tcpdump tracking bugs for this issue:

Affects: fedora-all [bug 2274793]