RedHat: RHSA-2021-2191:01 Moderate: tcpdump security update

Advisories

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: tcpdump security update
Advisory ID:       RHSA-2021:2191-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:2191
Issue date:        2021-06-01
CVE Names:         CVE-2018-10103 CVE-2018-10105 
=====================================================================

1. Summary:

An update for tcpdump is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The tcpdump packages contain the tcpdump utility for monitoring network
traffic. The tcpdump utility can capture and display the packet headers on
a particular network interface or on all interfaces.

Security Fix(es):

* tcpdump: SMB data printing mishandled (CVE-2018-10103)

* tcpdump: SMB data printing mishandled (CVE-2018-10105)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1760504 - CVE-2018-10103 tcpdump: SMB data printing mishandled
1760505 - CVE-2018-10105 tcpdump: SMB data printing mishandled

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
tcpdump-4.9.2-7.el8_2.src.rpm

aarch64:
tcpdump-4.9.2-7.el8_2.aarch64.rpm
tcpdump-debuginfo-4.9.2-7.el8_2.aarch64.rpm
tcpdump-debugsource-4.9.2-7.el8_2.aarch64.rpm

ppc64le:
tcpdump-4.9.2-7.el8_2.ppc64le.rpm
tcpdump-debuginfo-4.9.2-7.el8_2.ppc64le.rpm
tcpdump-debugsource-4.9.2-7.el8_2.ppc64le.rpm

s390x:
tcpdump-4.9.2-7.el8_2.s390x.rpm
tcpdump-debuginfo-4.9.2-7.el8_2.s390x.rpm
tcpdump-debugsource-4.9.2-7.el8_2.s390x.rpm

x86_64:
tcpdump-4.9.2-7.el8_2.x86_64.rpm
tcpdump-debuginfo-4.9.2-7.el8_2.x86_64.rpm
tcpdump-debugsource-4.9.2-7.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYLZgmtzjgjWX9erEAQgHZhAAjQAQiiB4Ecq5xDc5kxcvpNqeaw4hZolS
xcjc3xgAKZMdusxUujKDfJJlxLMVDD7k84FL9dfUp9bem58+xqMzDk6KnEwgqv8C
XCjXe37RXHzAcdOdxKP0fKtjccuDkcV/STUfGlNrXVcI2YmHKqvLzr2GdHHSBsGE
lIdWTFVoqTDc9Y/YntKH9oOXDyzDP/IpIgCFAUWa7npWDBJIYVXKpnkCF44D9r0X
fE5CO/IRl8O1+KgjgpQUnHk7SVS8Q7uJGk3gTZ0AwC7ptDOIwYXOP3WrgzVDwe4P
1/drOsaIt//kf7gtklJJ2myfQ9NSc7Z/+e5ZOMp4fgmHI4o568BzGFBAMjLd/hHj
Ya+91eiOzsGoChbxh1PzFEtM+l2r2/wS33XdbYT75GsjNcB0LlLTcAL2q2A5Cr48
VTM91Ft1zb/oIOR1bGCvkVFlWN9V5tPCgXiiTAjNVfwEFTtTT2sGOZB7HOz16i2H
Uj8lkFDaqPFvA0MSEDIJk5QFjkcpwa/hREQgJxNEU0sm5O0KZt19FEUzrUxTKs6S
RUIrM2HzvsId3CoI8raeQptmlpg8zyoE91/h+OiJ/6awcwBSZAgC8lyclR5aisvb
2ssttxwoV9Bv6sX3FGfFBwE5XQNlYyu2F/mRDL9hgrsJCEZwRhfVcC5sdPfT6Z2O
oZRsvPA/saE=
=jB5T
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2021-2191:01 Moderate: tcpdump security update

An update for tcpdump is now available for Red Hat Enterprise Linux 8.2 Extended Update Support

Summary

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
Security Fix(es):
* tcpdump: SMB data printing mishandled (CVE-2018-10103)
* tcpdump: SMB data printing mishandled (CVE-2018-10105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2018-10103 https://access.redhat.com/security/cve/CVE-2018-10105 https://access.redhat.com/security/updates/classification/#moderate

Package List

Red Hat Enterprise Linux AppStream EUS (v. 8.2):
Source: tcpdump-4.9.2-7.el8_2.src.rpm
aarch64: tcpdump-4.9.2-7.el8_2.aarch64.rpm tcpdump-debuginfo-4.9.2-7.el8_2.aarch64.rpm tcpdump-debugsource-4.9.2-7.el8_2.aarch64.rpm
ppc64le: tcpdump-4.9.2-7.el8_2.ppc64le.rpm tcpdump-debuginfo-4.9.2-7.el8_2.ppc64le.rpm tcpdump-debugsource-4.9.2-7.el8_2.ppc64le.rpm
s390x: tcpdump-4.9.2-7.el8_2.s390x.rpm tcpdump-debuginfo-4.9.2-7.el8_2.s390x.rpm tcpdump-debugsource-4.9.2-7.el8_2.s390x.rpm
x86_64: tcpdump-4.9.2-7.el8_2.x86_64.rpm tcpdump-debuginfo-4.9.2-7.el8_2.x86_64.rpm tcpdump-debugsource-4.9.2-7.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2021:2191-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2191
Issued Date: : 2021-06-01
CVE Names: CVE-2018-10103 CVE-2018-10105

Topic

An update for tcpdump is now available for Red Hat Enterprise Linux 8.2Extended Update Support.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

Bugs Fixed

1760504 - CVE-2018-10103 tcpdump: SMB data printing mishandled

1760505 - CVE-2018-10105 tcpdump: SMB data printing mishandled

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.