6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
61.6%
tcpdump is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the out-of-bounds write in the SMB protocol decoder when decoding a crafted network packet, allowing an attacker to cause an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
tcpdump:sid | eq | 4.9.3-7 | |
tcpdump:sid | eq | 4.9.3-7 |
github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc
github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501
lists.fedoraproject.org/archives/list/[email protected]/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/
lists.fedoraproject.org/archives/list/[email protected]/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/
lists.fedoraproject.org/archives/list/[email protected]/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/
security-tracker.debian.org/tracker/CVE-2023-1801
support.apple.com/kb/HT213844
support.apple.com/kb/HT213845