SB20170807102 - Out-of-bounds read in tcpdump (Alpine package)
Published: August 7, 2017
Security Bulletin ID
SB20170807102
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2017-11108)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists to a boundary error in the EXTRACT_16BITS() function, called from the stp_print function for the Spanning Tree Protocol in tcpdump 4.9.0. A remote attacker can send a specially crafted network packet, trigger heap-based buffer over-read and crash the affected application.
Successful exploitation of the vulnerability may allow an attacker to perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=ed2696f6dd2ad0000032a67399ae473c9563f6ce
- https://git.alpinelinux.org/aports/commit/?id=463c720cae55a3f0c45d5b52bc6da81e2fbe307e
- https://git.alpinelinux.org/aports/commit/?id=6a4921f8846fe08c0b44f7e73e948be040db17c1
- https://git.alpinelinux.org/aports/commit/?id=a9f20ceec7434edc3b6efaaf3d9117504437d0d0
- https://git.alpinelinux.org/aports/commit/?id=d663ed834ba5f4b06ea39a034880ace2ccd4a237
- https://git.alpinelinux.org/aports/commit/?id=e4c016a17c2cc2731a4800dc0a4a68d83770a68e