Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-8036

Published: 4 November 2020

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

Notes

AuthorNote
sbeattie
introduced in the 4.10 tcpdump devel cycle.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
tcpdump
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
groovy Not vulnerable
(code not present)
hirsute Not vulnerable
(code not present)
impish Not vulnerable
(4.99.0-2)
jammy Not vulnerable
(4.99.0-2)
precise Ignored
(end of ESM support, was needs-triage)
trusty Not vulnerable
(code not present)
upstream
Released (4.99.0-2)
xenial Not vulnerable
(code not present)
Patches:
upstream: https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43