-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: tcpdump security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:4760-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4760
Issue date:        2020-11-03
CVE Names:         CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 
                   CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 
                   CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 
                   CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 
                   CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 
                   CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 
                   CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 
                   CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 
====================================================================
1. Summary:

An update for tcpdump is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The tcpdump packages contain the tcpdump utility for monitoring network
traffic. The tcpdump utility can capture and display the packet headers on
a particular network interface or on all interfaces.

The following packages have been upgraded to a later upstream version:
tcpdump (4.9.3). (BZ#1804063)

Security Fix(es):

* tcpdump: SMB data printing mishandled (CVE-2018-10103)

* tcpdump: SMB data printing mishandled (CVE-2018-10105)

* tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c
(CVE-2018-14879)

* tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c
(CVE-2018-14461)

* tcpdump: Buffer over-read in icmp_print() function in print-icmp.c
(CVE-2018-14462)

* tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c
(CVE-2018-14463)

* tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in
print-lmp.c (CVE-2018-14464)

* tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c
(CVE-2018-14465)

* tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)

* tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c
(CVE-2018-14467)

* tcpdump: Buffer over-read in mfr_print() function in print-fr.c
(CVE-2018-14468)

* tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c
(CVE-2018-14469)

* tcpdump: Buffer over-read in babel_print_v2() in print-babel.c
(CVE-2018-14470)

* tcpdump: Buffer over-read in ospf6_print_lshdr() function in
print-ospf6.c (CVE-2018-14880)

* tcpdump: Buffer over-read in bgp_capabilities_print() function in
print-bgp.c (CVE-2018-14881)

* tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c
(CVE-2018-14882)

* tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)

* tcpdump: Access to uninitialized buffer in print_prefix() function in
print-hncp.c (CVE-2018-16228)

* tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c
(CVE-2018-16229)

* tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c
(CVE-2018-16230)

* tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c
(CVE-2018-16300)

* tcpdump: Buffer over-read in print_trans() function in print-smb.c
(CVE-2018-16451)

* tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c
(CVE-2018-16452)

* tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c
(CVE-2019-15166)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1760430 - CVE-2018-14882 tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c
1760445 - CVE-2018-16300 tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c
1760447 - CVE-2018-14469 tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c
1760449 - CVE-2018-14465 tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c
1760453 - CVE-2018-14463 tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c
1760455 - CVE-2018-14462 tcpdump: Buffer over-read in icmp_print() function in print-icmp.c
1760457 - CVE-2018-14879 tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c
1760458 - CVE-2018-16229 tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c
1760461 - CVE-2018-16227 tcpdump: Buffer over-read in print-802_11.c
1760463 - CVE-2018-14881 tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c
1760464 - CVE-2018-14468 tcpdump: Buffer over-read in mfr_print() function in print-fr.c
1760468 - CVE-2018-14880 tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c
1760504 - CVE-2018-10103 tcpdump: SMB data printing mishandled
1760505 - CVE-2018-10105 tcpdump: SMB data printing mishandled
1760506 - CVE-2018-14461 tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c
1760507 - CVE-2018-14464 tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c
1760509 - CVE-2018-14466 tcpdump: Buffer over-read in print-icmp6.c
1760512 - CVE-2018-14467 tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c
1760513 - CVE-2018-14470 tcpdump: Buffer over-read in babel_print_v2() in print-babel.c
1760514 - CVE-2018-16228 tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c
1760516 - CVE-2018-16230 tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c
1760517 - CVE-2018-16451 tcpdump: Buffer over-read in print_trans() function in print-smb.c
1760518 - CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c
1760520 - CVE-2019-15166 tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c
1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
tcpdump-4.9.3-1.el8.src.rpm

aarch64:
tcpdump-4.9.3-1.el8.aarch64.rpm
tcpdump-debuginfo-4.9.3-1.el8.aarch64.rpm
tcpdump-debugsource-4.9.3-1.el8.aarch64.rpm

ppc64le:
tcpdump-4.9.3-1.el8.ppc64le.rpm
tcpdump-debuginfo-4.9.3-1.el8.ppc64le.rpm
tcpdump-debugsource-4.9.3-1.el8.ppc64le.rpm

s390x:
tcpdump-4.9.3-1.el8.s390x.rpm
tcpdump-debuginfo-4.9.3-1.el8.s390x.rpm
tcpdump-debugsource-4.9.3-1.el8.s390x.rpm

x86_64:
tcpdump-4.9.3-1.el8.x86_64.rpm
tcpdump-debuginfo-4.9.3-1.el8.x86_64.rpm
tcpdump-debugsource-4.9.3-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX6I4ENzjgjWX9erEAQhWpBAAl8gza241WtZUglkRZgl5MEblBH2i/YD7
ixrj7P/T6FmlkhbgotT6cWAD4v/oej0aV3VlgnlY9JI9iPGKvP6ZYu8jbaW50Lr+
E1wDuI/6nAp/e6DLSYAe1qD52c06SrPdlMP40SE9ZQoTDe38Z8Uvfpm7X4CN9wgi
AbGc3fUHkO5EDrYDpiT3UxF3X71yVq8/mWJRNo2T8IPxc6ufGJM524cFLV6KDx1q
h0vDHxcv69wCwKXjYHBoU/X5Bq7k4KuTTbI4B5NgHouWrosUYcn5Bo9eiSfjY0C3
cGD+CSQ/cBHzOleg7X6f3vrI7p6Gc0RG/npAIx7VfUucg8GYmdS2cjv93A5oqXJQ
VIOGjtdX9dV6WEY2kkfJmjHJr4ehef6n6LML9U0F3OIMHYAeM9xObQYVU/iYH1db
1kHQmLcQNR5RbNAm9VKuZdEU/V/IdM0bb1gGZEiuAbu1esSwV9h9zbke4Nf3pmC1
qCmHF6sDyBrrHv1J0sr7dsd4gIlrNhXxtej+3FHCnKiuyMIyrPaKmsjidSeNyHTQ
oQVAxH4doUpiWeViH0/wEg7tcRuU6AFW64iFnMzXG2/iP4H5Oin9Gzsky+cdU+RH
GfzzlTFeyNqhdxeoncnskYCKWN+rKCM+7kPVoSa2JwbZDgWFAIlFNkHsYSjBnYDD
5ua+Acdmj44=1sro
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2020-4760:01 Moderate: tcpdump security, bug fix,

An update for tcpdump is now available for Red Hat Enterprise Linux 8

Summary

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
The following packages have been upgraded to a later upstream version: tcpdump (4.9.3). (BZ#1804063)
Security Fix(es):
* tcpdump: SMB data printing mishandled (CVE-2018-10103)
* tcpdump: SMB data printing mishandled (CVE-2018-10105)
* tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879)
* tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)
* tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)
* tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)
* tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)
* tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)
* tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)
* tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)
* tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)
* tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)
* tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)
* tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)
* tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)
* tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)
* tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)
* tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)
* tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)
* tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)
* tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)
* tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)
* tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)
* tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2018-10103 https://access.redhat.com/security/cve/CVE-2018-10105 https://access.redhat.com/security/cve/CVE-2018-14461 https://access.redhat.com/security/cve/CVE-2018-14462 https://access.redhat.com/security/cve/CVE-2018-14463 https://access.redhat.com/security/cve/CVE-2018-14464 https://access.redhat.com/security/cve/CVE-2018-14465 https://access.redhat.com/security/cve/CVE-2018-14466 https://access.redhat.com/security/cve/CVE-2018-14467 https://access.redhat.com/security/cve/CVE-2018-14468 https://access.redhat.com/security/cve/CVE-2018-14469 https://access.redhat.com/security/cve/CVE-2018-14470 https://access.redhat.com/security/cve/CVE-2018-14879 https://access.redhat.com/security/cve/CVE-2018-14880 https://access.redhat.com/security/cve/CVE-2018-14881 https://access.redhat.com/security/cve/CVE-2018-14882 https://access.redhat.com/security/cve/CVE-2018-16227 https://access.redhat.com/security/cve/CVE-2018-16228 https://access.redhat.com/security/cve/CVE-2018-16229 https://access.redhat.com/security/cve/CVE-2018-16230 https://access.redhat.com/security/cve/CVE-2018-16300 https://access.redhat.com/security/cve/CVE-2018-16451 https://access.redhat.com/security/cve/CVE-2018-16452 https://access.redhat.com/security/cve/CVE-2019-15166 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: tcpdump-4.9.3-1.el8.src.rpm
aarch64: tcpdump-4.9.3-1.el8.aarch64.rpm tcpdump-debuginfo-4.9.3-1.el8.aarch64.rpm tcpdump-debugsource-4.9.3-1.el8.aarch64.rpm
ppc64le: tcpdump-4.9.3-1.el8.ppc64le.rpm tcpdump-debuginfo-4.9.3-1.el8.ppc64le.rpm tcpdump-debugsource-4.9.3-1.el8.ppc64le.rpm
s390x: tcpdump-4.9.3-1.el8.s390x.rpm tcpdump-debuginfo-4.9.3-1.el8.s390x.rpm tcpdump-debugsource-4.9.3-1.el8.s390x.rpm
x86_64: tcpdump-4.9.3-1.el8.x86_64.rpm tcpdump-debuginfo-4.9.3-1.el8.x86_64.rpm tcpdump-debugsource-4.9.3-1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2020:4760-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4760
Issued Date: : 2020-11-03
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166

Topic

An update for tcpdump is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64


Bugs Fixed

1760430 - CVE-2018-14882 tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c

1760445 - CVE-2018-16300 tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c

1760447 - CVE-2018-14469 tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c

1760449 - CVE-2018-14465 tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c

1760453 - CVE-2018-14463 tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c

1760455 - CVE-2018-14462 tcpdump: Buffer over-read in icmp_print() function in print-icmp.c

1760457 - CVE-2018-14879 tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c

1760458 - CVE-2018-16229 tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c

1760461 - CVE-2018-16227 tcpdump: Buffer over-read in print-802_11.c

1760463 - CVE-2018-14881 tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c

1760464 - CVE-2018-14468 tcpdump: Buffer over-read in mfr_print() function in print-fr.c

1760468 - CVE-2018-14880 tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c

1760504 - CVE-2018-10103 tcpdump: SMB data printing mishandled

1760505 - CVE-2018-10105 tcpdump: SMB data printing mishandled

1760506 - CVE-2018-14461 tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c

1760507 - CVE-2018-14464 tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c

1760509 - CVE-2018-14466 tcpdump: Buffer over-read in print-icmp6.c

1760512 - CVE-2018-14467 tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c

1760513 - CVE-2018-14470 tcpdump: Buffer over-read in babel_print_v2() in print-babel.c

1760514 - CVE-2018-16228 tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c

1760516 - CVE-2018-16230 tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c

1760517 - CVE-2018-16451 tcpdump: Buffer over-read in print_trans() function in print-smb.c

1760518 - CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c

1760520 - CVE-2019-15166 tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c

1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs


Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved