CVE-2014-9140

CWE-119: Buffer Overflow | 10 documents | 9 sources
Severity: 5.0 MEDIUM
EPSS: 5.5% (top 9.76%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Dec 5
Latest update: May 14

Description

Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PPP packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (2 packages)

Debian: tcpdump < 4.6.2-3+3
NVD: redhat/tcpdump 4.6.2

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-v564-r5jq-5c36: Buffer overflow in the ppp_hdlc function in print-ppp (2022-05-14)
CVEList: CVE-2014-9140: Buffer overflow in the ppp_hdlc function in print-ppp (2014-12-05)
OSV: CVE-2014-9140: Buffer overflow in the ppp_hdlc function in print-ppp (2014-12-05)

📋 Vendor Advisories (4)

Ubuntu: tcpdump vulnerabilities (2014-12-04)
Red Hat: tcpdump: incorrect handling of PPP packets printing (2014-11-24)
Debian: CVE-2014-9140: tcpdump - Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and ear... (2014)
Apple: CVE-2014-9140: OS X Yosemite v10.10.5 and Security Update 2015-006

💬 Community (2)

Bugzilla: CVE-2014-9140 tcpdump: incorrect handling of PPP packets printing [fedora-all] (2014-12-05)
Bugzilla: CVE-2014-9140 tcpdump: incorrect handling of PPP packets printing (2014-12-05)