CVE-2017-16808

Published: 13 November 2017

tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.

Priority

CVSS 3 base score: 5.5

Status

Package	Release	Status
tcpdump Launchpad, Ubuntu, Debian	artful	Ignored (reached end-of-life)
	bionic	Released (4.9.3-0ubuntu0.18.04.1)
	cosmic	Ignored (reached end-of-life)
	disco	Ignored (reached end-of-life)
	eoan	Not vulnerable (4.9.3~git20190901-2)
	precise	Released (4.9.3-0ubuntu0.12.04.1)
	trusty	Released (4.9.3-0ubuntu0.14.04.1+esm1)
	upstream	Needs triage
	xenial	Released (4.9.3-0ubuntu0.16.04.1)
	zesty	Ignored (reached end-of-life)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.