Candidate: CVE-2015-3138
PublicDate: 2017-09-28 01:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3138
 https://github.com/the-tcpdump-group/tcpdump/issues/446
Description:
 print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a
 denial of service (segmentation fault and process crash).
Ubuntu-Description:
Notes:
 sbeattie> introduced in commit
   https://github.com/the-tcpdump-group/tcpdump/commit/3a3ec26085461998074b827b112d38e8f3246a86
 sbeattie> only affected 4.7.0 - 4.7.3
Bugs:
Priority: medium
Discovered-by: Brandon Perry
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_tcpdump:
 upstream: https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70
upstream_tcpdump: released (4.7.4)
precise_tcpdump: not-affected (4.7.0-4.7.3 only)
trusty_tcpdump: not-affected (4.7.0-4.7.3 only)
trusty/esm_tcpdump: not-affected (4.7.0-4.7.3 only)
vivid_tcpdump: not-affected (4.7.0-4.7.3 only)
devel_tcpdump: not-affected (4.7.0-4.7.3 only)