tcpdump-4.99.1-1.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11425 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z tcpdump-4.99.1-1.2 on GA media These are all security issues fixed in the tcpdump-4.99.1-1.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11425 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11425 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2016-7922/ SUSE CVE CVE-2016-7922 page https://www.suse.com/security/cve/CVE-2016-7923/ SUSE CVE CVE-2016-7923 page https://www.suse.com/security/cve/CVE-2016-7924/ SUSE CVE CVE-2016-7924 page https://www.suse.com/security/cve/CVE-2016-7925/ SUSE CVE CVE-2016-7925 page https://www.suse.com/security/cve/CVE-2016-7926/ SUSE CVE CVE-2016-7926 page https://www.suse.com/security/cve/CVE-2016-7927/ SUSE CVE CVE-2016-7927 page https://www.suse.com/security/cve/CVE-2016-7928/ SUSE CVE CVE-2016-7928 page https://www.suse.com/security/cve/CVE-2016-7929/ SUSE CVE CVE-2016-7929 page https://www.suse.com/security/cve/CVE-2016-7930/ SUSE CVE CVE-2016-7930 page https://www.suse.com/security/cve/CVE-2016-7931/ SUSE CVE CVE-2016-7931 page https://www.suse.com/security/cve/CVE-2016-7932/ SUSE CVE CVE-2016-7932 page https://www.suse.com/security/cve/CVE-2016-7933/ SUSE CVE CVE-2016-7933 page https://www.suse.com/security/cve/CVE-2016-7934/ SUSE CVE CVE-2016-7934 page https://www.suse.com/security/cve/CVE-2016-7935/ SUSE CVE CVE-2016-7935 page https://www.suse.com/security/cve/CVE-2016-7936/ SUSE CVE CVE-2016-7936 page https://www.suse.com/security/cve/CVE-2016-7937/ SUSE CVE CVE-2016-7937 page https://www.suse.com/security/cve/CVE-2016-7938/ SUSE CVE CVE-2016-7938 page https://www.suse.com/security/cve/CVE-2016-7939/ SUSE CVE CVE-2016-7939 page https://www.suse.com/security/cve/CVE-2016-7940/ SUSE CVE CVE-2016-7940 page https://www.suse.com/security/cve/CVE-2016-7973/ SUSE CVE CVE-2016-7973 page https://www.suse.com/security/cve/CVE-2016-7974/ SUSE CVE CVE-2016-7974 page https://www.suse.com/security/cve/CVE-2016-7975/ SUSE CVE CVE-2016-7975 page https://www.suse.com/security/cve/CVE-2016-7983/ SUSE CVE CVE-2016-7983 page https://www.suse.com/security/cve/CVE-2016-7984/ SUSE CVE CVE-2016-7984 page https://www.suse.com/security/cve/CVE-2016-7985/ SUSE CVE CVE-2016-7985 page https://www.suse.com/security/cve/CVE-2016-7986/ SUSE CVE CVE-2016-7986 page https://www.suse.com/security/cve/CVE-2016-7992/ SUSE CVE CVE-2016-7992 page https://www.suse.com/security/cve/CVE-2016-7993/ SUSE CVE CVE-2016-7993 page https://www.suse.com/security/cve/CVE-2016-8574/ SUSE CVE CVE-2016-8574 page https://www.suse.com/security/cve/CVE-2016-8575/ SUSE CVE CVE-2016-8575 page https://www.suse.com/security/cve/CVE-2017-11108/ SUSE CVE CVE-2017-11108 page https://www.suse.com/security/cve/CVE-2017-11541/ SUSE CVE CVE-2017-11541 page https://www.suse.com/security/cve/CVE-2017-11542/ SUSE CVE CVE-2017-11542 page https://www.suse.com/security/cve/CVE-2017-11543/ SUSE CVE CVE-2017-11543 page https://www.suse.com/security/cve/CVE-2017-12893/ SUSE CVE CVE-2017-12893 page https://www.suse.com/security/cve/CVE-2017-12894/ SUSE CVE CVE-2017-12894 page https://www.suse.com/security/cve/CVE-2017-12895/ SUSE CVE CVE-2017-12895 page https://www.suse.com/security/cve/CVE-2017-12896/ SUSE CVE CVE-2017-12896 page https://www.suse.com/security/cve/CVE-2017-12897/ SUSE CVE CVE-2017-12897 page https://www.suse.com/security/cve/CVE-2017-12898/ SUSE CVE CVE-2017-12898 page https://www.suse.com/security/cve/CVE-2017-12899/ SUSE CVE CVE-2017-12899 page https://www.suse.com/security/cve/CVE-2017-12900/ SUSE CVE CVE-2017-12900 page https://www.suse.com/security/cve/CVE-2017-12901/ SUSE CVE CVE-2017-12901 page https://www.suse.com/security/cve/CVE-2017-12902/ SUSE CVE CVE-2017-12902 page https://www.suse.com/security/cve/CVE-2017-12985/ SUSE CVE CVE-2017-12985 page https://www.suse.com/security/cve/CVE-2017-12986/ SUSE CVE CVE-2017-12986 page https://www.suse.com/security/cve/CVE-2017-12987/ SUSE CVE CVE-2017-12987 page https://www.suse.com/security/cve/CVE-2017-12988/ SUSE CVE CVE-2017-12988 page https://www.suse.com/security/cve/CVE-2017-12989/ SUSE CVE CVE-2017-12989 page https://www.suse.com/security/cve/CVE-2017-12990/ SUSE CVE CVE-2017-12990 page https://www.suse.com/security/cve/CVE-2017-12991/ SUSE CVE CVE-2017-12991 page https://www.suse.com/security/cve/CVE-2017-12992/ SUSE CVE CVE-2017-12992 page https://www.suse.com/security/cve/CVE-2017-12993/ SUSE CVE CVE-2017-12993 page https://www.suse.com/security/cve/CVE-2017-12994/ SUSE CVE CVE-2017-12994 page https://www.suse.com/security/cve/CVE-2017-12995/ SUSE CVE CVE-2017-12995 page https://www.suse.com/security/cve/CVE-2017-12996/ SUSE CVE CVE-2017-12996 page https://www.suse.com/security/cve/CVE-2017-12997/ SUSE CVE CVE-2017-12997 page https://www.suse.com/security/cve/CVE-2017-12998/ SUSE CVE CVE-2017-12998 page https://www.suse.com/security/cve/CVE-2017-12999/ SUSE CVE CVE-2017-12999 page https://www.suse.com/security/cve/CVE-2017-13000/ SUSE CVE CVE-2017-13000 page https://www.suse.com/security/cve/CVE-2017-13001/ SUSE CVE CVE-2017-13001 page https://www.suse.com/security/cve/CVE-2017-13002/ SUSE CVE CVE-2017-13002 page https://www.suse.com/security/cve/CVE-2017-13003/ SUSE CVE CVE-2017-13003 page https://www.suse.com/security/cve/CVE-2017-13004/ SUSE CVE CVE-2017-13004 page https://www.suse.com/security/cve/CVE-2017-13005/ SUSE CVE CVE-2017-13005 page https://www.suse.com/security/cve/CVE-2017-13006/ SUSE CVE CVE-2017-13006 page https://www.suse.com/security/cve/CVE-2017-13007/ SUSE CVE CVE-2017-13007 page https://www.suse.com/security/cve/CVE-2017-13008/ SUSE CVE CVE-2017-13008 page https://www.suse.com/security/cve/CVE-2017-13009/ SUSE CVE CVE-2017-13009 page https://www.suse.com/security/cve/CVE-2017-13010/ SUSE CVE CVE-2017-13010 page https://www.suse.com/security/cve/CVE-2017-13011/ SUSE CVE CVE-2017-13011 page https://www.suse.com/security/cve/CVE-2017-13012/ SUSE CVE CVE-2017-13012 page https://www.suse.com/security/cve/CVE-2017-13013/ SUSE CVE CVE-2017-13013 page https://www.suse.com/security/cve/CVE-2017-13014/ SUSE CVE CVE-2017-13014 page https://www.suse.com/security/cve/CVE-2017-13015/ SUSE CVE CVE-2017-13015 page https://www.suse.com/security/cve/CVE-2017-13016/ SUSE CVE CVE-2017-13016 page https://www.suse.com/security/cve/CVE-2017-13017/ SUSE CVE CVE-2017-13017 page https://www.suse.com/security/cve/CVE-2017-13018/ SUSE CVE CVE-2017-13018 page https://www.suse.com/security/cve/CVE-2017-13019/ SUSE CVE CVE-2017-13019 page https://www.suse.com/security/cve/CVE-2017-13020/ SUSE CVE CVE-2017-13020 page https://www.suse.com/security/cve/CVE-2017-13021/ SUSE CVE CVE-2017-13021 page https://www.suse.com/security/cve/CVE-2017-13022/ SUSE CVE CVE-2017-13022 page https://www.suse.com/security/cve/CVE-2017-13023/ SUSE CVE CVE-2017-13023 page https://www.suse.com/security/cve/CVE-2017-13024/ SUSE CVE CVE-2017-13024 page https://www.suse.com/security/cve/CVE-2017-13025/ SUSE CVE CVE-2017-13025 page https://www.suse.com/security/cve/CVE-2017-13026/ SUSE CVE CVE-2017-13026 page https://www.suse.com/security/cve/CVE-2017-13027/ SUSE CVE CVE-2017-13027 page https://www.suse.com/security/cve/CVE-2017-13028/ SUSE CVE CVE-2017-13028 page https://www.suse.com/security/cve/CVE-2017-13029/ SUSE CVE CVE-2017-13029 page https://www.suse.com/security/cve/CVE-2017-13030/ SUSE CVE CVE-2017-13030 page https://www.suse.com/security/cve/CVE-2017-13031/ SUSE CVE CVE-2017-13031 page https://www.suse.com/security/cve/CVE-2017-13032/ SUSE CVE CVE-2017-13032 page https://www.suse.com/security/cve/CVE-2017-13033/ SUSE CVE CVE-2017-13033 page https://www.suse.com/security/cve/CVE-2017-13034/ SUSE CVE CVE-2017-13034 page https://www.suse.com/security/cve/CVE-2017-13035/ SUSE CVE CVE-2017-13035 page https://www.suse.com/security/cve/CVE-2017-13036/ SUSE CVE CVE-2017-13036 page https://www.suse.com/security/cve/CVE-2017-13037/ SUSE CVE CVE-2017-13037 page https://www.suse.com/security/cve/CVE-2017-13038/ SUSE CVE CVE-2017-13038 page https://www.suse.com/security/cve/CVE-2017-13039/ SUSE CVE CVE-2017-13039 page https://www.suse.com/security/cve/CVE-2017-13040/ SUSE CVE CVE-2017-13040 page https://www.suse.com/security/cve/CVE-2017-13041/ SUSE CVE CVE-2017-13041 page https://www.suse.com/security/cve/CVE-2017-13042/ SUSE CVE CVE-2017-13042 page https://www.suse.com/security/cve/CVE-2017-13043/ SUSE CVE CVE-2017-13043 page https://www.suse.com/security/cve/CVE-2017-13044/ SUSE CVE CVE-2017-13044 page https://www.suse.com/security/cve/CVE-2017-13045/ SUSE CVE CVE-2017-13045 page https://www.suse.com/security/cve/CVE-2017-13046/ SUSE CVE CVE-2017-13046 page https://www.suse.com/security/cve/CVE-2017-13047/ SUSE CVE CVE-2017-13047 page https://www.suse.com/security/cve/CVE-2017-13048/ SUSE CVE CVE-2017-13048 page https://www.suse.com/security/cve/CVE-2017-13049/ SUSE CVE CVE-2017-13049 page https://www.suse.com/security/cve/CVE-2017-13050/ SUSE CVE CVE-2017-13050 page https://www.suse.com/security/cve/CVE-2017-13051/ SUSE CVE CVE-2017-13051 page https://www.suse.com/security/cve/CVE-2017-13052/ SUSE CVE CVE-2017-13052 page https://www.suse.com/security/cve/CVE-2017-13053/ SUSE CVE CVE-2017-13053 page https://www.suse.com/security/cve/CVE-2017-13054/ SUSE CVE CVE-2017-13054 page https://www.suse.com/security/cve/CVE-2017-13055/ SUSE CVE CVE-2017-13055 page https://www.suse.com/security/cve/CVE-2017-13687/ SUSE CVE CVE-2017-13687 page https://www.suse.com/security/cve/CVE-2017-13688/ SUSE CVE CVE-2017-13688 page https://www.suse.com/security/cve/CVE-2017-13689/ SUSE CVE CVE-2017-13689 page https://www.suse.com/security/cve/CVE-2017-13690/ SUSE CVE CVE-2017-13690 page https://www.suse.com/security/cve/CVE-2017-13725/ SUSE CVE CVE-2017-13725 page https://www.suse.com/security/cve/CVE-2017-16808/ SUSE CVE CVE-2017-16808 page https://www.suse.com/security/cve/CVE-2017-5202/ SUSE CVE CVE-2017-5202 page https://www.suse.com/security/cve/CVE-2017-5203/ SUSE CVE CVE-2017-5203 page https://www.suse.com/security/cve/CVE-2017-5204/ SUSE CVE CVE-2017-5204 page https://www.suse.com/security/cve/CVE-2017-5205/ SUSE CVE CVE-2017-5205 page https://www.suse.com/security/cve/CVE-2017-5341/ SUSE CVE CVE-2017-5341 page https://www.suse.com/security/cve/CVE-2017-5342/ SUSE CVE CVE-2017-5342 page https://www.suse.com/security/cve/CVE-2017-5482/ SUSE CVE CVE-2017-5482 page https://www.suse.com/security/cve/CVE-2017-5483/ SUSE CVE CVE-2017-5483 page https://www.suse.com/security/cve/CVE-2017-5484/ SUSE CVE CVE-2017-5484 page https://www.suse.com/security/cve/CVE-2017-5485/ SUSE CVE CVE-2017-5485 page https://www.suse.com/security/cve/CVE-2017-5486/ SUSE CVE CVE-2017-5486 page https://www.suse.com/security/cve/CVE-2018-10103/ SUSE CVE CVE-2018-10103 page https://www.suse.com/security/cve/CVE-2018-10105/ SUSE CVE CVE-2018-10105 page https://www.suse.com/security/cve/CVE-2018-14461/ SUSE CVE CVE-2018-14461 page https://www.suse.com/security/cve/CVE-2018-14462/ SUSE CVE CVE-2018-14462 page https://www.suse.com/security/cve/CVE-2018-14463/ SUSE CVE CVE-2018-14463 page https://www.suse.com/security/cve/CVE-2018-14464/ SUSE CVE CVE-2018-14464 page https://www.suse.com/security/cve/CVE-2018-14465/ SUSE CVE CVE-2018-14465 page https://www.suse.com/security/cve/CVE-2018-14466/ SUSE CVE CVE-2018-14466 page https://www.suse.com/security/cve/CVE-2018-14467/ SUSE CVE CVE-2018-14467 page https://www.suse.com/security/cve/CVE-2018-14468/ SUSE CVE CVE-2018-14468 page https://www.suse.com/security/cve/CVE-2018-14469/ SUSE CVE CVE-2018-14469 page https://www.suse.com/security/cve/CVE-2018-14470/ SUSE CVE CVE-2018-14470 page https://www.suse.com/security/cve/CVE-2018-14879/ SUSE CVE CVE-2018-14879 page https://www.suse.com/security/cve/CVE-2018-14880/ SUSE CVE CVE-2018-14880 page https://www.suse.com/security/cve/CVE-2018-14881/ SUSE CVE CVE-2018-14881 page https://www.suse.com/security/cve/CVE-2018-14882/ SUSE CVE CVE-2018-14882 page https://www.suse.com/security/cve/CVE-2018-16227/ SUSE CVE CVE-2018-16227 page https://www.suse.com/security/cve/CVE-2018-16228/ SUSE CVE CVE-2018-16228 page https://www.suse.com/security/cve/CVE-2018-16229/ SUSE CVE CVE-2018-16229 page https://www.suse.com/security/cve/CVE-2018-16230/ SUSE CVE CVE-2018-16230 page https://www.suse.com/security/cve/CVE-2018-16300/ SUSE CVE CVE-2018-16300 page https://www.suse.com/security/cve/CVE-2018-16301/ SUSE CVE CVE-2018-16301 page https://www.suse.com/security/cve/CVE-2018-16451/ SUSE CVE CVE-2018-16451 page https://www.suse.com/security/cve/CVE-2018-16452/ SUSE CVE CVE-2018-16452 page https://www.suse.com/security/cve/CVE-2018-19519/ SUSE CVE CVE-2018-19519 page https://www.suse.com/security/cve/CVE-2019-1010220/ SUSE CVE CVE-2019-1010220 page https://www.suse.com/security/cve/CVE-2019-15166/ SUSE CVE CVE-2019-15166 page https://www.suse.com/security/cve/CVE-2019-15167/ SUSE CVE CVE-2019-15167 page https://www.suse.com/security/cve/CVE-2020-8037/ SUSE CVE CVE-2020-8037 page openSUSE Tumbleweed tcpdump-4.99.1-1.2 tcpdump-4.99.1-1.2 as a component of openSUSE Tumbleweed The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). CVE-2016-7922 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7922.html CVE-2016-7922 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). CVE-2016-7923 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7923.html CVE-2016-7923 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). CVE-2016-7924 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7924.html CVE-2016-7924 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). CVE-2016-7925 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7925.html CVE-2016-7925 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). CVE-2016-7926 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7926.html CVE-2016-7926 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). CVE-2016-7927 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7927.html CVE-2016-7927 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). CVE-2016-7928 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7928.html CVE-2016-7928 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). CVE-2016-7929 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7929.html CVE-2016-7929 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). CVE-2016-7930 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7930.html CVE-2016-7930 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). CVE-2016-7931 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7931.html CVE-2016-7931 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). CVE-2016-7932 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7932.html CVE-2016-7932 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). CVE-2016-7933 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7933.html CVE-2016-7933 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). CVE-2016-7934 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7934.html CVE-2016-7934 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). CVE-2016-7935 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7935.html CVE-2016-7935 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). CVE-2016-7936 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7936.html CVE-2016-7936 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). CVE-2016-7937 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7937.html CVE-2016-7937 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame(). CVE-2016-7938 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7938.html CVE-2016-7938 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions. CVE-2016-7939 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7939.html CVE-2016-7939 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. CVE-2016-7940 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7940.html CVE-2016-7940 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. CVE-2016-7973 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7973.html CVE-2016-7973 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions. CVE-2016-7974 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7974.html CVE-2016-7974 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). CVE-2016-7975 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7975.html CVE-2016-7975 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). CVE-2016-7983 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7983.html CVE-2016-7983 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print(). CVE-2016-7984 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7984.html CVE-2016-7984 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print(). CVE-2016-7985 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7985.html CVE-2016-7985 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. CVE-2016-7986 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7986.html CVE-2016-7986 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print(). CVE-2016-7992 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7992.html CVE-2016-7992 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). CVE-2016-7993 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7993.html CVE-2016-7993 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print(). CVE-2016-8574 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-8574.html CVE-2016-8574 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. CVE-2016-8575 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-8575.html CVE-2016-8575 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. CVE-2017-11108 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11108.html CVE-2017-11108 https://bugzilla.suse.com/1047873 SUSE Bug 1047873 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. CVE-2017-11541 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11541.html CVE-2017-11541 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. CVE-2017-11542 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11542.html CVE-2017-11542 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. CVE-2017-11543 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11543.html CVE-2017-11543 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). CVE-2017-12893 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12893.html CVE-2017-12893 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). CVE-2017-12894 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12894.html CVE-2017-12894 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). CVE-2017-12895 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12895.html CVE-2017-12895 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). CVE-2017-12896 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12896.html CVE-2017-12896 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). CVE-2017-12897 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12897.html CVE-2017-12897 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). CVE-2017-12898 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12898.html CVE-2017-12898 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). CVE-2017-12899 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12899.html CVE-2017-12899 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). CVE-2017-12900 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12900.html CVE-2017-12900 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). CVE-2017-12901 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12901.html CVE-2017-12901 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. CVE-2017-12902 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12902.html CVE-2017-12902 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). CVE-2017-12985 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12985.html CVE-2017-12985 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). CVE-2017-12986 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12986.html CVE-2017-12986 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). CVE-2017-12987 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12987.html CVE-2017-12987 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse(). CVE-2017-12988 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12988.html CVE-2017-12988 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length(). CVE-2017-12989 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12989.html CVE-2017-12989 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. CVE-2017-12990 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12990.html CVE-2017-12990 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-12991 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12991.html CVE-2017-12991 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). CVE-2017-12992 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12992.html CVE-2017-12992 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. CVE-2017-12993 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12993.html CVE-2017-12993 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-12994 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12994.html CVE-2017-12994 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). CVE-2017-12995 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12995.html CVE-2017-12995 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). CVE-2017-12996 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12996.html CVE-2017-12996 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print(). CVE-2017-12997 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12997.html CVE-2017-12997 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach(). CVE-2017-12998 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12998.html CVE-2017-12998 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print(). CVE-2017-12999 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-12999.html CVE-2017-12999 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print(). CVE-2017-13000 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13000.html CVE-2017-13000 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). CVE-2017-13001 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13001.html CVE-2017-13001 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension(). CVE-2017-13002 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13002.html CVE-2017-13002 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). CVE-2017-13003 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13003.html CVE-2017-13003 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header(). CVE-2017-13004 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13004.html CVE-2017-13004 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter(). CVE-2017-13005 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13005.html CVE-2017-13005 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions. CVE-2017-13006 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13006.html CVE-2017-13006 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print(). CVE-2017-13007 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13007.html CVE-2017-13007 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). CVE-2017-13008 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13008.html CVE-2017-13008 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print(). CVE-2017-13009 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13009.html CVE-2017-13009 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). CVE-2017-13010 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13010.html CVE-2017-13010 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal(). CVE-2017-13011 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13011.html CVE-2017-13011 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). CVE-2017-13012 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13012.html CVE-2017-13012 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions. CVE-2017-13013 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13013.html CVE-2017-13013 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. CVE-2017-13014 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13014.html CVE-2017-13014 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). CVE-2017-13015 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13015.html CVE-2017-13015 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). CVE-2017-13016 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13016.html CVE-2017-13016 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print(). CVE-2017-13017 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13017.html CVE-2017-13017 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13018 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13018.html CVE-2017-13018 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13019 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13019.html CVE-2017-13019 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). CVE-2017-13020 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13020.html CVE-2017-13020 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). CVE-2017-13021 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13021.html CVE-2017-13021 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). CVE-2017-13022 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13022.html CVE-2017-13022 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13023 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13023.html CVE-2017-13023 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13024 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13024.html CVE-2017-13024 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13025 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13025.html CVE-2017-13025 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions. CVE-2017-13026 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13026.html CVE-2017-13026 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). CVE-2017-13027 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13027.html CVE-2017-13027 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). CVE-2017-13028 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13028.html CVE-2017-13028 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options(). CVE-2017-13029 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13029.html CVE-2017-13029 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions. CVE-2017-13030 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13030.html CVE-2017-13030 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). CVE-2017-13031 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13031.html CVE-2017-13031 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string(). CVE-2017-13032 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13032.html CVE-2017-13032 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). CVE-2017-13033 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13033.html CVE-2017-13033 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13034 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13034.html CVE-2017-13034 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). CVE-2017-13035 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13035.html CVE-2017-13035 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). CVE-2017-13036 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13036.html CVE-2017-13036 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). CVE-2017-13037 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13037.html CVE-2017-13037 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). CVE-2017-13038 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13038.html CVE-2017-13038 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. CVE-2017-13039 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13039.html CVE-2017-13039 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. CVE-2017-13040 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13040.html CVE-2017-13040 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). CVE-2017-13041 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13041.html CVE-2017-13041 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print(). CVE-2017-13042 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13042.html CVE-2017-13042 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn(). CVE-2017-13043 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13043.html CVE-2017-13043 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print(). CVE-2017-13044 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13044.html CVE-2017-13044 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). CVE-2017-13045 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13045.html CVE-2017-13045 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-13046 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13046.html CVE-2017-13046 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). CVE-2017-13047 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13047.html CVE-2017-13047 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). CVE-2017-13048 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13048.html CVE-2017-13048 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). CVE-2017-13049 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13049.html CVE-2017-13049 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). CVE-2017-13050 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13050.html CVE-2017-13050 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). CVE-2017-13051 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13051.html CVE-2017-13051 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). CVE-2017-13052 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13052.html CVE-2017-13052 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). CVE-2017-13053 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13053.html CVE-2017-13053 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). CVE-2017-13054 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13054.html CVE-2017-13054 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). CVE-2017-13055 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13055.html CVE-2017-13055 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). CVE-2017-13687 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13687.html CVE-2017-13687 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). CVE-2017-13688 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13688.html CVE-2017-13688 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). CVE-2017-13689 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13689.html CVE-2017-13689 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. CVE-2017-13690 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13690.html CVE-2017-13690 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). CVE-2017-13725 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-13725.html CVE-2017-13725 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. CVE-2017-16808 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-16808.html CVE-2017-16808 https://bugzilla.suse.com/1068716 SUSE Bug 1068716 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). CVE-2017-5202 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5202.html CVE-2017-5202 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). CVE-2017-5203 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5203.html CVE-2017-5203 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). CVE-2017-5204 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5204.html CVE-2017-5204 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print(). CVE-2017-5205 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5205.html CVE-2017-5205 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). CVE-2017-5341 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5341.html CVE-2017-5341 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). CVE-2017-5342 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5342.html CVE-2017-5342 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. CVE-2017-5482 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5482.html CVE-2017-5482 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse(). CVE-2017-5483 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5483.html CVE-2017-5483 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). CVE-2017-5484 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5484.html CVE-2017-5484 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap(). CVE-2017-5485 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5485.html CVE-2017-5485 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). CVE-2017-5486 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5486.html CVE-2017-5486 https://bugzilla.suse.com/1020940 SUSE Bug 1020940 tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). CVE-2018-10103 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-10103.html CVE-2018-10103 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). CVE-2018-10105 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-10105.html CVE-2018-10105 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). CVE-2018-14461 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14461.html CVE-2018-14461 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). CVE-2018-14462 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14462.html CVE-2018-14462 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. CVE-2018-14463 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14463.html CVE-2018-14463 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). CVE-2018-14464 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14464.html CVE-2018-14464 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). CVE-2018-14465 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14465.html CVE-2018-14465 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). CVE-2018-14466 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14466.html CVE-2018-14466 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 https://bugzilla.suse.com/1166972 SUSE Bug 1166972 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). CVE-2018-14467 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14467.html CVE-2018-14467 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). CVE-2018-14468 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14468.html CVE-2018-14468 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). CVE-2018-14469 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14469.html CVE-2018-14469 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). CVE-2018-14470 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14470.html CVE-2018-14470 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). CVE-2018-14879 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14879.html CVE-2018-14879 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). CVE-2018-14880 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14880.html CVE-2018-14880 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). CVE-2018-14881 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14881.html CVE-2018-14881 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. CVE-2018-14882 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14882.html CVE-2018-14882 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. CVE-2018-16227 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16227.html CVE-2018-16227 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). CVE-2018-16228 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16228.html CVE-2018-16228 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). CVE-2018-16229 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16229.html CVE-2018-16229 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). CVE-2018-16230 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16230.html CVE-2018-16230 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. CVE-2018-16300 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16300.html CVE-2018-16300 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. CVE-2018-16301 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16301.html CVE-2018-16301 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 https://bugzilla.suse.com/1153332 SUSE Bug 1153332 https://bugzilla.suse.com/1195825 SUSE Bug 1195825 The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. CVE-2018-16451 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16451.html CVE-2018-16451 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. CVE-2018-16452 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16452.html CVE-2018-16452 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization. CVE-2018-19519 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-19519.html CVE-2018-19519 https://bugzilla.suse.com/1117267 SUSE Bug 1117267 tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file. CVE-2019-1010220 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-1010220.html CVE-2019-1010220 https://bugzilla.suse.com/1142439 SUSE Bug 1142439 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. CVE-2019-15166 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-15166.html CVE-2019-15166 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. CVE-2019-15167 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-15167.html CVE-2019-15167 https://bugzilla.suse.com/1153098 SUSE Bug 1153098 The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037 openSUSE Tumbleweed:tcpdump-4.99.1-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-8037.html CVE-2020-8037 https://bugzilla.suse.com/1178466 SUSE Bug 1178466