1760518 – (CVE-2018-16452) CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c

Bug 1760518 (CVE-2018-16452) - CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c

Summary: CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c

Keywords:
Status:	NEW
Alias:	CVE-2018-16452
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1760626
Blocks:	1760628
TreeView+	depends on / blocked

Reported:	2019-10-10 17:34 UTC by Pedro Sampaio
Modified:	2019-10-11 13:38 UTC (History)
CC List:	6 users (show)
Fixed In Version:	tcpdump 4.9.3
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Pedro Sampaio 2019-10-10 17:34:25 UTC

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

Upstream patch:

https://github.com/the-tcpdump-group/tcpdump/commit/24182d959f661327525a20d9a94c98a8ec016778

References:

https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES

Comment 1 Pedro Sampaio 2019-10-11 00:04:52 UTC

Created tcpdump tracking bugs for this issue:

Affects: fedora-all [bug 1760626]

Note You need to log in before you can comment on or make changes to this bug.