USN-4252-2: tcpdump vulnerabilities
27 January 2020
Several security issues were fixed in tcpdump.
Releases
Packages
- tcpdump - command-line network traffic analyzer
Details
USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04
Ubuntu 12.04
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References
- CVE-2017-16808
- CVE-2018-10103
- CVE-2018-10105
- CVE-2018-14461
- CVE-2018-14462
- CVE-2018-14463
- CVE-2018-14464
- CVE-2018-14465
- CVE-2018-14466
- CVE-2018-14467
- CVE-2018-14468
- CVE-2018-14469
- CVE-2018-14470
- CVE-2018-14879
- CVE-2018-14880
- CVE-2018-14881
- CVE-2018-14882
- CVE-2018-16227
- CVE-2018-16228
- CVE-2018-16229
- CVE-2018-16230
- CVE-2018-16300
- CVE-2018-16451
- CVE-2018-16452
- CVE-2018-19519
- CVE-2019-1010220
- CVE-2019-15166
- CVE-2019-15167