CVE-2023-1801: The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. 4.99 patch, in 4.99.4 according to changelog: https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f5108f418a76377ea8907fec53856a388d7f5a7 commit 1f5108f418a76377ea8907fec53856a388d7f5a7 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-04-08 21:36:57 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-04-08 21:36:57 +0000 net-analyzer/tcpdump: add 4.99.4 Bug: https://bugs.gentoo.org/904041 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/tcpdump/Manifest | 2 + net-analyzer/tcpdump/tcpdump-4.99.4.ebuild | 101 +++++++++++++++++++++++++++++ 2 files changed, 103 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ec0a7ca17548844504e04fce7e81d668cc6ad15 commit 4ec0a7ca17548844504e04fce7e81d668cc6ad15 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-06-14 05:28:04 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-06-14 05:29:11 +0000 net-analyzer/tcpdump: drop 4.99.3 Bug: https://bugs.gentoo.org/904041 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/tcpdump/Manifest | 2 - net-analyzer/tcpdump/tcpdump-4.99.3.ebuild | 101 ----------------------------- 2 files changed, 103 deletions(-)