Explore top 10 tips to secure your open-source projects now. Read More
×
tcpflow could be made to crash or expose sensitive information over the network
if it opened a specially crafted file or received specially crafted network
traffic.
Software Description:
- tcpflow: TCP flow recorder
Details:
It was discovered that tcpflow incorrectly handled certain malformed network
packets. A remote attacker could send these packets to a target system, causing
tcpflow to crash or possibly disclose sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: tcpflow 1.4.5+repack1-4ubuntu0.18.10.1 tcpflow-nox 1.4.5+repack1-4ubuntu0.18.10.1 Ubuntu 18.04 LTS: tcpflow 1.4.5+repack1-4ubuntu0.18.04.1 tcpflow-nox 1.4.5+repack1-4ubuntu0.18.04.1 Ubuntu 16.04 LTS: tcpflow 1.4.5+repack1-1ubuntu0.1 tcpflow-nox 1.4.5+repack1-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3955-1
CVE-2018-14938, CVE-2018-18409
Get the latest Linux and open source security news straight to your inbox.