7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
libpcap.so is vulnerable to denial of service. PCAPNG reader does not perform sanity checks before doing malloc(), causing buffer-overflow if there are errors in pcapng reading.
lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES
github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd
lists.fedoraproject.org/archives/list/[email protected]/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/
lists.fedoraproject.org/archives/list/[email protected]/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/
lists.fedoraproject.org/archives/list/[email protected]/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/
lists.fedoraproject.org/archives/list/[email protected]/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/
lists.fedoraproject.org/archives/list/[email protected]/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/
lists.fedoraproject.org/archives/list/[email protected]/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P