SUSE-SU-2022:14890-1

Опубликовано: 18 фев. 2022

Источник: suse-cvrf

Описание

Security update for tcpdump

This update for tcpdump fixes the following issues:

CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

tcpdump-3.9.8-1.30.19.1

SUSE Linux Enterprise Server 11 SP4-LTSS

tcpdump-3.9.8-1.30.19.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-202214890-1/
Link for SUSE-SU-2022:14890-1
https://lists.suse.com/pipermail/sle-security-updates/2022-February/010249.html
E-Mail link for SUSE-SU-2022:14890-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1195825
SUSE Bug 1195825
https://www.suse.com/security/cve/CVE-2018-16301/
SUSE CVE CVE-2018-16301 page

Описание

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.19.1

SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.19.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16301.html
CVE-2018-16301
https://bugzilla.suse.com/1153098
SUSE Bug 1153098
https://bugzilla.suse.com/1153332
SUSE Bug 1153332
https://bugzilla.suse.com/1195825
SUSE Bug 1195825

SUSE-SU-2022:14890-1

Описание

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

SUSE Linux Enterprise Server 11 SP4-LTSS

Ссылки

Уязвимость: CVE-2018-16301

Описание

Затронутые продукты

Ссылки