PublicDateAtUSN: 2019-09-30
Candidate: CVE-2018-16228
CRD: 2019-09-30
PublicDate: 2019-10-03 16:15:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
 https://www.tcpdump.org/tcpdump-changes.txt
 https://ubuntu.com/security/notices/USN-4252-1
 https://ubuntu.com/security/notices/USN-4252-2
Description:
 The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in
 print-hncp.c:print_prefix().
Ubuntu-Description: 
Notes: 
Mitigation: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_tcpdump:
upstream_tcpdump: released (4.9.3)
precise/esm_tcpdump: released (4.9.3-0ubuntu0.12.04.1)
trusty_tcpdump: ignored (out of standard support)
trusty/esm_tcpdump: released (4.9.3-0ubuntu0.14.04.1+esm1)
xenial_tcpdump: released (4.9.3-0ubuntu0.16.04.1)
esm-infra/xenial_tcpdump: released (4.9.3-0ubuntu0.16.04.1)
bionic_tcpdump: released (4.9.3-0ubuntu0.18.04.1)
disco_tcpdump: ignored (reached end-of-life)
eoan_tcpdump: not-affected (4.9.3-2)
devel_tcpdump: not-affected (4.9.3-4)