The vulnerability of the bgp_capabilities_print() function in the packet capture and analysis tool tcpdump allows a hacker to cause a service failure.

The vulnerability of the bgpcapabilitiesprint function print-bgp.c in the network traffic capture and analysis tool tcpdump is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

expat: heap-based buffer over-read via crafted XML input

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read...

tcpdump: Buffer over-read in icmp_print() function in print-icmp.c

An out-of-bounds read flaw was discovered in tcpdump while printing ICMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. System availability...

tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing LMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing LDP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in mfr_print() function in print-fr.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing FRF.16 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing RSVP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing OSPFv3 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing ISAKMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...

tcpdump: Buffer over-read in print-802_11.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing IEEE 802.11 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in print_trans() function in print-smb.c

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing BGP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing VRRP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing DCCP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing ICMP6 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in print-icmp6.c

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rxcachefind and rxcacheinsert...

SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c...

SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c...

SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...