CVE-2016-7938

Published: 27 January 2017

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().

Priority

CVSS 3 base score: 9.8

Package	Release	Status
tcpdump Launchpad, Ubuntu, Debian	precise	Released (4.9.0-1ubuntu1~ubuntu12.04.1)
	trusty	Released (4.9.0-1ubuntu1~ubuntu14.04.1)
	upstream	Released (4.9.0-1)
	xenial	Released (4.9.0-1ubuntu1~ubuntu16.04.1)
	yakkety	Released (4.9.0-1ubuntu1~ubuntu16.10.1)

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.