CVE-2019-1010220

Priority
Description
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The
impact is: May expose Saved Frame Pointer, Return Address etc. on stack.
The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function
named "print_prefix", in "print-hncp.c". The attack vector is: The victim
must open a specially crafted pcap file.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (4.9.3)
Ubuntu 12.04 ESM (Precise Pangolin):released (4.9.3-0ubuntu0.12.04.1)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.9.3-0ubuntu0.14.04.1+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.9.3-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.9.3-0ubuntu0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (4.9.3-4)
More Information

Updated: 2020-07-28 20:05:56 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)