Описание
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
A flaw was found in tcpdump while printing PPP packets captured in a pcap file or coming from the network. This flaw allows a remote attacker to send specially crafted packets that, when printed, can lead the application to allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | tcpdump | Out of support scope | ||
| Red Hat Enterprise Linux 6 | tcpdump | Out of support scope | ||
| Red Hat Enterprise Linux 7 | tcpdump | Out of support scope | ||
| Red Hat Enterprise Linux 8 | tcpdump | Fixed | RHSA-2021:4236 | 09.11.2021 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
ppp decapsulator can be convinced to allocate a large amount of memory
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a l ...
7.5 High
CVSS3