CVE-2019-1010220

Priority
Description
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The
impact is: May expose Saved Frame Pointer, Return Address etc. on stack.
The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function
named "print_prefix", in "print-hncp.c". The attack vector is: The victim
must open a specially crafted pcap file.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (4.9.3)
Ubuntu 12.04 ESM (Precise Pangolin):released (4.9.3-0ubuntu0.12.04.1)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.9.3-0ubuntu0.14.04.1+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.9.3-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.9.3-0ubuntu0.18.04.1)
Ubuntu 19.10 (Eoan Ermine):not-affected (4.9.3-2)
Ubuntu 20.04 (Focal Fossa):not-affected (4.9.3-4)
More Information

Updated: 2020-01-29 20:04:17 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)