1760500 – (CVE-2018-16301) CVE-2018-16301 tcpdump: Buffer overflow in the -F command line argument parser

Bug 1760500 (CVE-2018-16301) - CVE-2018-16301 tcpdump: Buffer overflow in the -F command line argument parser

Summary: CVE-2018-16301 tcpdump: Buffer overflow in the -F command line argument parser

Keywords:
Status:	NEW
Alias:	CVE-2018-16301
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1760624 2086463
Blocks:	1760627
TreeView+	depends on / blocked

Reported:	2019-10-10 17:03 UTC by Pedro Sampaio
Modified:	2023-07-07 08:31 UTC (History)
CC List:	5 users (show)
Fixed In Version:	tcpdump 4.99.0
Clone Of:
Environment:
Last Closed:	2020-01-21 18:14:23 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2019-10-10 17:03:15 UTC

libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading.

References:

https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES

Comment 1 Pedro Sampaio 2019-10-10 23:58:38 UTC

Created libpcap tracking bugs for this issue:

Affects: fedora-all [bug 1760624]

Comment 2 Riccardo Schirone 2020-01-21 18:14:23 UTC

According to upstream (see comments after https://github.com/the-tcpdump-group/libpcap/issues/855#issuecomment-575450988) this is not a real issue in libpcap, so I'm closing this as NOTABUG.

Comment 4 Mauro Matteo Cascella 2022-05-16 08:51:44 UTC

Following the discussion on https://github.com/the-tcpdump-group/libpcap/issues/855, I'm turning this bug into a security issue for tcpdump (instead of libpcap).

Upstream fix:
https://github.com/the-tcpdump-group/tcpdump/commit/faf8fb7 [master]
https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a [4.9]

Note You need to log in before you can comment on or make changes to this bug.