#VU48587 Allocation of Resources Without Limits or Throttling in Tcpdump - CVE-2020-8037


| Updated: 2021-04-27

Vulnerability identifier: #VU48587

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-8037

CWE-ID: CWE-770

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Tcpdump
Server applications / DLP, anti-spam, sniffers

Vendor: Tcpdump.org

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.3

External links
http://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
http://lists.debian.org/debian-lts-announce/2020/11/msg00018.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


F5OS update for tcpdump
Denial of service in F5 BIG-IP tcpdump
Multiple vulnerabilities in Juniper Networks Junos cRPD
Multiple vulnerabilities in Juniper Cloud Native Router
VMware Tanzu products update for tcpdump
Multiple vulnerabilities in Cloud Foundry Foundation cflinuxfs3
Ubuntu update for tcpdump
Ubuntu update for tcpdump
Red Hat Enterprise Linux 8 update for tcpdump
Multiple vulnerabilities in macOS