tcpdump mailing list archives
Re: [the-tcpdump-group/libpcap] CVE-2018-16301 information (#855)
From: Michael Richardson <mcr () sandelman ca>
Date: Sun, 06 Oct 2019 16:18:07 +0200
carnil <notifications () github com> wrote: > Information on CVE-2018-16301 seem to indicate that it first was > thought to be an issue in tcpdump, but then it's clearly stated that it > is fixed in libpcap. > The CVE description submitted to MITRE is as well inline with that: (okay, but don't use that as authoritative, since I am the one that wrote that) >> libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer >> overflow and/or over-read because of errors in pcapng reading. > We have marked it now as such in Debian's records, but if > CVE-2018-16301 is a duplicate of CVE-2019-15161 then preferably > upstream would need to ask MITRE to reject CVE-2018-16301. MITRE has a very poor record and very high latency for responding. I'm happy to get our records cleared up; I will be adding a "duplicates" column to my CSV file. I'm just still in a bit of PTSD from having worked on this stuff for too long :-( -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] mcr () sandelman ca http://www.sandelman.ca/ | ruby on rails [ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: [the-tcpdump-group/libpcap] CVE-2018-16301 information (#855) Michael Richardson (Oct 06)
- <Possible follow-ups>
- Re: [the-tcpdump-group/libpcap] CVE-2018-16301 information (#855) Michael Richardson (Oct 06)