MitreCVELIST:CVE-2019-15166CVE-2019-15166 lmp_print in tcpdump lacks certain boundary checks
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
76.8%
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
References
lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
seclists.org/fulldisclosure/2019/Dec/26
github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4
lists.debian.org/debian-lts-announce/2019/10/msg00015.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/
seclists.org/bugtraq/2019/Dec/23
seclists.org/bugtraq/2019/Oct/28
security.netapp.com/advisory/ntap-20200120-0001/
support.apple.com/kb/HT210788
usn.ubuntu.com/4252-1/
usn.ubuntu.com/4252-2/
www.debian.org/security/2019/dsa-4547
Related
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
76.8%