CVE-2023-1801
Published: 7 April 2023
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.
Notes
| Author | Note |
|---|---|
| mdeslaur | The SMB printer is not enabled on Debian/Ubuntu builds, so the vulnerable code isn't used. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
tcpdump Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not compiled)
|
| jammy |
Not vulnerable
(code not compiled)
|
|
| kinetic |
Not vulnerable
(code not compiled)
|
|
| lunar |
Not vulnerable
(code not compiled)
|
|
| trusty |
Not vulnerable
(code not compiled)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(code not compiled)
|
|
| focal |
Not vulnerable
(code not compiled)
|
|
|
Patches: upstream: https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501 (master) upstream: https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc (tcpdump-4.99.4) |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |