9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.012 Low
EPSS
Percentile
85.3%
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
The following packages have been upgraded to a later upstream version: tcpdump (4.9.3). (BZ#1804063)
Security Fix(es):
tcpdump: SMB data printing mishandled (CVE-2018-10103)
tcpdump: SMB data printing mishandled (CVE-2018-10105)
tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879)
tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)
tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)
tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)
tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)
tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)
tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)
tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)
tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)
tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)
tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)
tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)
tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)
tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)
tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)
tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)
tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)
tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)
tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)
tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)
tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)
tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | ppc64le | tcpdump-debuginfo | < 4.9.3-1.el8 | tcpdump-debuginfo-4.9.3-1.el8.ppc64le.rpm |
RedHat | 8 | aarch64 | tcpdump-debugsource | < 4.9.3-1.el8 | tcpdump-debugsource-4.9.3-1.el8.aarch64.rpm |
RedHat | 8 | aarch64 | tcpdump-debuginfo | < 4.9.3-1.el8 | tcpdump-debuginfo-4.9.3-1.el8.aarch64.rpm |
RedHat | 8 | s390x | tcpdump-debuginfo | < 4.9.3-1.el8 | tcpdump-debuginfo-4.9.3-1.el8.s390x.rpm |
RedHat | 8 | s390x | tcpdump-debugsource | < 4.9.3-1.el8 | tcpdump-debugsource-4.9.3-1.el8.s390x.rpm |
RedHat | 8 | ppc64le | tcpdump | < 4.9.3-1.el8 | tcpdump-4.9.3-1.el8.ppc64le.rpm |
RedHat | 8 | x86_64 | tcpdump-debuginfo | < 4.9.3-1.el8 | tcpdump-debuginfo-4.9.3-1.el8.x86_64.rpm |
RedHat | 8 | aarch64 | tcpdump | < 4.9.3-1.el8 | tcpdump-4.9.3-1.el8.aarch64.rpm |
RedHat | 8 | s390x | tcpdump | < 4.9.3-1.el8 | tcpdump-4.9.3-1.el8.s390x.rpm |
RedHat | 8 | ppc64le | tcpdump-debugsource | < 4.9.3-1.el8 | tcpdump-debugsource-4.9.3-1.el8.ppc64le.rpm |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.012 Low
EPSS
Percentile
85.3%