Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-16301

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

Related bugs and status

CVE-2018-16301 (Candidate) is related to these bugs:

Bug #1847520: 33 Upstream CVEs patched

Summary				In	Importance	Status
	1847520	33 Upstream CVEs patched		tcpdump (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://github.com/the...