K04367730: FRF.16 parser vulnerability CVE-2018-14468

Security Advisory Description The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint. CVE-2018-14468 Impact When tcpdump is active and configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump...

tcpdump: Buffer over-read in mfr_print() function in print-fr.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing FRF.16 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

Buffer Over-reads

tcpdump is vulnerable to a buffer over-read. The vulnerability exists due to a flaw in print-fr.c:mfrprint...

Design/Logic Flaw

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint...

CVE-2018-14468

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint...

UBUNTU-CVE-2018-14468

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint...