CVE-2018-14880 (NVD)

2019-10-03

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Products Mac_os_x, Debian_linux, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_domain_name_system, Big\-Ip_edge_gateway, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Big\-Ip_webaccelerator, Big\-Iq_centralized_management, Enterprise_manager, Iworkflow, Traffix_signaling_delivery_controller, Fedora, Leap, Enterprise_linux, Tcpdump
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Patches https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6
Links http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
http://seclists.org/fulldisclosure/2019/Dec/26
https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
https://www.debian.org/security/2019/dsa-4547
https://usn.ubuntu.com/4252-2/