Vulnerability CVE-2018-14463: Information

Description

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-14463
Published: Oct. 3, 2019
Modified: Nov. 7, 2023
Error type identifier: CWE-125

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
tcpdumpsisyphus4.9.3-alt14.99.4-alt1ALT-PU-2019-3120-1239373Fixed
tcpdumpp104.9.3-alt14.9.3-alt2ALT-PU-2019-3120-1239373Fixed
tcpdumpp94.9.3-alt24.9.3-alt2ALT-PU-2020-3563-1263886Fixed
tcpdumpc10f14.9.3-alt14.9.3-alt2ALT-PU-2019-3120-1239373Fixed
tcpdumpc9f24.9.3-alt24.9.3-alt2ALT-PU-2021-1433-1267221Fixed
tcpdumpp114.9.3-alt14.99.4-alt1ALT-PU-2019-3120-1239373Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/the-tcpdump-group/tcpdump/commit/3de07c772166b7e8e8bb4b9d1d078f1d901b570b
  • Patch
  • Third Party Advisory
https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
  • Release Notes
  • Third Party Advisory
[debian-lts-announce] 20191011 [SECURITY] [DLA 1955-1] tcpdump security update
  • Third Party Advisory
openSUSE-SU-2019:2348
  • Third Party Advisory
openSUSE-SU-2019:2344
  • Third Party Advisory
20191021 [SECURITY] [DSA 4547-1] tcpdump security update
  • Mailing List
  • Third Party Advisory
DSA-4547
  • Third Party Advisory
https://support.apple.com/kb/HT210788
  • Third Party Advisory
20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
  • Mailing List
  • Third Party Advisory
20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
  • Mailing List
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20200120-0001/
    USN-4252-2
      USN-4252-1
        FEDORA-2019-85d92df70f
          FEDORA-2019-d06bc63433
            FEDORA-2019-6db0d5b9d9

                1. Configuration 1

                  cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*
                  End excliding
                  4.9.3

                  Configuration 2

                  cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
                  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
                  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
                  cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
                  cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
                  cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
                  cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*
                  Start including
                  5.0.0
                  End including
                  5.1.0
                  cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
                  cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
                  cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
                  cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
                  cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*
                  End excliding
                  4.9.3
                  cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
                  End excliding
                  10.15.2
              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
              Version: v24.5.3
              Back to top