Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 31: 2019-4fe461079f Critical: libpcap Buffer Overflow

fedora
Calendar Grey October 26, 2019
Dist Fedora Esm H88
Urgent vulnerability patch for libpcap resolving several concerns. Check Ubuntu's advisory for comprehensive information.
Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165

Summary

Libpcap provides a portable framework for low-level network

monitoring. Libpcap can provide network statistics collection,

security monitoring and network debugging. Since almost every system

vendor provides a different interface for packet capture, the libpcap

authors created this system-independent API to ease in porting and to

alleviate the need for several system-dependent packet capture modules

in each application.

Install libpcap if you need to do low-level network traffic monitoring

on your network.

Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163,

CVE-2019-15164, CVE-2019-15165

* Fri Oct 11 2019 Michal Ruprich - 14:1.9.1-1

- New version 1.9.1

- Fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165

[ 1 ] Bug #1760623 - CVE-2019-15161 libpcap: Mishandled length values in reused variables

https://bugzilla.redhat.com/show_bug.cgi?id=1760623

[ 2 ] Bug #1760622 - CVE-2019-15162 libpcap: Information disclosure in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760622

[ 3 ] Bug #1760621 - CVE-2019-15163 libpcap: Null pointer dereference in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760621

[ 4 ] Bug #1760619 - CVE-2019-15164 libpcap: Server side request forgery in rpcapd/daemon.c

https://bugzilla.redhat.com/show_bug.cgi?id=1760619

[ 5 ] Bug #1760618 - CVE-2019-15165 libpcap: Resource exhaustion while PHB header length validation

https://bugzilla.redhat.com/show_bug.cgi?id=1760618

[ 6 ] Bug #1760500 - CVE-2018-16301 libpcap: Buffer overflow in pcapng reader

https://bugzilla.redhat.com/show_bug.cgi?id=1760500

su -c 'dnf upgrade --advisory FEDORA-2019-4fe461079f' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora information disclosure Denial of Service libpcap resource exhaustion

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 31
Version: 1.9.1
Release: 1.fc31
URL: https://www.tcpdump.org/
Summary: A system-independent interface for user-level packet capture

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora information disclosure Denial of Service libpcap resource exhaustion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here