PublicDateAtUSN: 2019-09-30
Candidate: CVE-2018-16301
CRD: 2019-09-30
PublicDate: 2019-10-03 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
 http://www.tcpdump.org/public-cve-list.txt
 https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd
 https://ubuntu.com/security/notices/USN-5331-1
 https://ubuntu.com/security/notices/USN-5331-2
Description:
 The command-line argument parser in tcpdump before 4.99.0 has a buffer
 overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
 attacker needs to create a 4GB file on the local filesystem and to specify
 the file name as the value of the -F command-line argument of tcpdump.
Ubuntu-Description:
Notes:
 mdeslaur> This CVE was incorrectly assigned to libpcap, and then was
 mdeslaur> incorrectly marked as REJECT, but is now a valid CVE for
 mdeslaur> tcpdump.
Mitigation:
Bugs:
 https://github.com/the-tcpdump-group/libpcap/issues/855
Priority: low
Discovered-by:
Assigned-to: litios
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_tcpdump:
 upstream: https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86 (4.9)
upstream_tcpdump: released (4.99.0)
precise/esm_tcpdump: ignored (end of ESM support, was needs-triage)
trusty_tcpdump: ignored (out of standard support)
trusty/esm_tcpdump: needed
xenial_tcpdump: ignored (end of standard support, was needs-triage)
esm-infra/xenial_tcpdump: released (4.9.3-0ubuntu0.16.04.1+esm1)
bionic_tcpdump: released (4.9.3-0ubuntu0.18.04.2)
focal_tcpdump: released (4.9.3-4ubuntu0.1)
impish_tcpdump: not-affected (4.99.0-2)
jammy_tcpdump: not-affected (4.99.1-3build1)
devel_tcpdump: not-affected (4.99.1-3build1)