CVE-2019-1010220 — Buffer Over-read in Tcpdump

CWE-126 — Buffer Over-read CWE-125 — Out-of-bounds Read9 documents7 sources

Severity

3.3LOWNVD

EPSS

0.3%

top 47.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tcpdump.org Tcpdump Tcpdump Debian Tcpdump

Timeline

PublishedJul 22

Latest updateMay 24

Description

tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

▶debiandebian/tcpdump

▶NVDtcpdump/tcpdump4.9.2

▶CVEListV5tcpdump.org/tcpdump4.9.2

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-fj2x-3wgg-g9c7: tcpdump↗2022-05-24

▶

OSV

CVE-2019-1010220: tcpdump↗2019-07-22

▶

📋Vendor Advisories

Ubuntu

tcpdump vulnerabilities↗2020-01-27

▶

Ubuntu

tcpdump vulnerabilities↗2020-01-27

▶

Red Hat

tcpdump: buffer over-read in function print_prefix in print-hncp.c↗2019-08-01

▶

Debian

CVE-2019-1010220: tcpdump - tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact ...↗2019

▶

💬Community

Bugzilla

CVE-2019-1010220 tcpdump: buffer over-read in function print_prefix in print-hncp.c↗2019-08-01

▶

Bugzilla

CVE-2019-1010220 tcpdump: buffer over-read in function print_prefix in print-hncp.c [fedora-all]↗2019-08-01

▶