CVE-2015-2153
Published: 24 March 2015
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
Notes
Author | Note |
---|---|
tyhicks | The github link in the Patches section contains what looks to be a fix for a regression |
Priority
Status
Package | Release | Status |
---|---|---|
tcpdump | lucid | Ignored (end of life) |
tcpdump | precise | Released (4.2.1-1ubuntu2.2) |
tcpdump | trusty | Released (4.5.1-2ubuntu1.2) |
tcpdump | upstream | Released (4.7.2) |
tcpdump | utopic | Released (4.6.2-1ubuntu1.2) |
tcpdump | vivid | Not vulnerable (4.6.2-4ubuntu1) |
Patches
upstream: https://github.com/the-tcpdump-group/tcpdump/commit/364b00185b8d6c0faa403e79308fbb171a6010d4
upstream: https://github.com/the-tcpdump-group/tcpdump/commit/fb6e5377f392555b8c725f66b8b701f0061a3695
upstream: https://github.com/the-tcpdump-group/tcpdump/commit/3152237177a9abc0bd5016e92fe997ca7d51665d
upstream: http://www.ca.tcpdump.org/cve/0001-in-some-cases-we-expect-tcpdump-to-fail-with-an-erro.patch
upstream: http://www.ca.tcpdump.org/cve/0002-test-case-files-for-CVE-2015-2153-2154-2155.patch
upstream: http://www.ca.tcpdump.org/cve/0003-test-case-for-cve2015-0261-corrupted-IPv6-mobility-h.patch

This vulnerability is mitigated in part by an AppArmor profile.