MGASA-2026-0113 Updated tcpflow packages fix security vulnerability

tcpflow has TIM Element OOB Write in wifipcap. CVE-2026-25061...

Updated tcpflow packages fix security vulnerability

tcpflow has TIM Element OOB Write in wifipcap. CVE-2026-25061...

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

EUVD-2026-4944

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

CVE-2026-25061 tcpflow has TIM Element OOB Write in wifipcap

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

CVE-2026-25061

tcpflow is affected by a TIM element handling bug in wifipcap: a crafted 802.11 frame with a large TIM length can cause a 1‑byte out‑of‑bounds write at tim.bitmap[251], due to a faulty length check. The overflow is on a stack‑allocated structure in handle_beacon; impact is DoS with potential (but...

CVE-2026-25061 tcpflow has TIM Element OOB Write in wifipcap

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

TCPFLOW buffer error vulnerability

TCPFLOW is a TCP/IP packet demuxer developed by Simson L. Garfinkel. Versions of TCPFLOW 1.61 and earlier contained a buffer error vulnerability. This vulnerability stemmed from the use of wifipcap to perform length checks on error fields when processing TIM elements, which could lead to...

SUSE CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...

Updated tcpflow packages fix security vulnerability

pdated tcpflow package fixes security vulnerability: An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the functio...

tcpflow integer overflow vulnerability

TCPFLOW is a network monitoring tool that records TCP sessions. An integer overflow vulnerability exists in the wifipcap/wifipcap.cpp file in TCPFLOW 1.5.0-alpha and prior versions. An attacker can exploit this vulnerability to cause an out-of-bounds read and possibly access sensitive memory or...

CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...

DEBIAN-CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...

CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...

CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...

UBUNTU-CVE-2018-14938

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...