Summary: | <net-analyzer/tcpdump-4.9.1: heap-based buffer over-read and application crash (CVE-2017-11108) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | arthur, netmon |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-07-12 07:35:40 UTC
Fixed upstream by commit https://github.com/the-tcpdump-group/tcpdump/pull/617 Adding to a existing GLSA Request. @Security please add cve to database. Gentoo Security Padawan ChrisADR This issue was resolved and addressed in GLSA 201709-23 at https://security.gentoo.org/glsa/201709-23 by GLSA coordinator Aaron Bauman (b-man). |