tcpdump-4.7.4-3.4 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10396-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z tcpdump-4.7.4-3.4 on GA media These are all security issues fixed in the tcpdump-4.7.4-3.4 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10396 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2014-8767/ SUSE CVE CVE-2014-8767 page https://www.suse.com/security/cve/CVE-2014-8768/ SUSE CVE CVE-2014-8768 page https://www.suse.com/security/cve/CVE-2014-8769/ SUSE CVE CVE-2014-8769 page https://www.suse.com/security/cve/CVE-2015-0261/ SUSE CVE CVE-2015-0261 page https://www.suse.com/security/cve/CVE-2015-2153/ SUSE CVE CVE-2015-2153 page https://www.suse.com/security/cve/CVE-2015-2154/ SUSE CVE CVE-2015-2154 page https://www.suse.com/security/cve/CVE-2015-2155/ SUSE CVE CVE-2015-2155 page https://www.suse.com/security/cve/CVE-2015-3138/ SUSE CVE CVE-2015-3138 page openSUSE Tumbleweed tcpdump-4.7.4-3.4 tcpdump-4.7.4-3.4 as a component of openSUSE Tumbleweed Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. CVE-2014-8767 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-8767.html CVE-2014-8767 https://bugzilla.suse.com/905870 SUSE Bug 905870 https://bugzilla.suse.com/905871 SUSE Bug 905871 Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. CVE-2014-8768 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-8768.html CVE-2014-8768 https://bugzilla.suse.com/905871 SUSE Bug 905871 tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. CVE-2014-8769 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-8769.html CVE-2014-8769 https://bugzilla.suse.com/905871 SUSE Bug 905871 https://bugzilla.suse.com/905872 SUSE Bug 905872 Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. CVE-2015-0261 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-0261.html CVE-2015-0261 https://bugzilla.suse.com/922220 SUSE Bug 922220 The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). CVE-2015-2153 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2153.html CVE-2015-2153 https://bugzilla.suse.com/922221 SUSE Bug 922221 https://bugzilla.suse.com/922222 SUSE Bug 922222 https://bugzilla.suse.com/922223 SUSE Bug 922223 The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. CVE-2015-2154 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2154.html CVE-2015-2154 https://bugzilla.suse.com/922222 SUSE Bug 922222 The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. CVE-2015-2155 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2155.html CVE-2015-2155 https://bugzilla.suse.com/922220 SUSE Bug 922220 https://bugzilla.suse.com/922221 SUSE Bug 922221 https://bugzilla.suse.com/922222 SUSE Bug 922222 https://bugzilla.suse.com/922223 SUSE Bug 922223 print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). CVE-2015-3138 openSUSE Tumbleweed:tcpdump-4.7.4-3.4 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3138.html CVE-2015-3138 https://bugzilla.suse.com/927637 SUSE Bug 927637