EulerOS Virtualization 3.0.2.0 : tcpdump (EulerOS-SA-2023-1714)

According to the versions of the tcpdump package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different...

Medium: tcpdump

Issue Overview: The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different vulnerability than CVE-2018-14463. CVE-2019-15167 Affected Packages: tcpdump Issue Correction: Run yum update tcpdump or yum update --advisory ALAS-2022-1641 to...

Code injection

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different vulnerability than CVE-2018-14463...

CVE-2019-15167

The CVE-2019-15167 issue affects tcpdump’s VRRP parser. Specifically, the VRRP printer (print-vrrp.c:vrrp_print) for VRRPv3 contains a buffer over-read in tcpdump before version 4.9.3, as documented in multiple advisories. Impact is a crash or potential memory access issues due to improper bounds...

CVE-2018-14463

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 2, a different vulnerability than CVE-2019-15167...