Action not permitted
Modal body text goes here.
cve-2018-19519
Vulnerability from cvelistv5
Published
2018-11-25 20:00
Modified
2024-08-05 11:37
Severity ?
EPSS score ?
Summary
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106098"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"name": "FEDORA-2019-85d92df70f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "RHSA-2019:3976",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"name": "USN-4252-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-27T16:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "106098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106098"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"name": "FEDORA-2019-85d92df70f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "RHSA-2019:3976",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"name": "USN-4252-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106098"
},
{
"name": "https://github.com/zyingp/temp/blob/master/tcpdump.md",
"refsource": "MISC",
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "RHSA-2019:3976",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19519",
"datePublished": "2018-11-25T20:00:00",
"dateReserved": "2018-11-25T00:00:00",
"dateUpdated": "2024-08-05T11:37:11.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-19519\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-11-25T20:29:00.273\",\"lastModified\":\"2023-11-07T02:55:34.093\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.\"},{\"lang\":\"es\",\"value\":\"En la versi\u00f3n 4.9.2 de tcpdump, existe un una sobrelectura de b\u00fafer basada en pila en la funci\u00f3n print_prefix de print-hncp.c mediante un paquete de datos manipulado debido a la falta de una inicializaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-909\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9FBA366-800E-4163-8E22-A652750C4F28\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106098\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3976\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/zyingp/temp/blob/master/tcpdump.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/4252-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/4252-2/\",\"source\":\"cve@mitre.org\"}]}}"
}
}
rhsa-2019_3976
Vulnerability from csaf_redhat
Published
2019-11-26 14:28
Modified
2024-11-22 13:53
Summary
Red Hat Security Advisory: tcpdump security update
Notes
Topic
An update for tcpdump is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
Security Fix(es):
* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tcpdump is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.\n\nSecurity Fix(es):\n\n* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3976",
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1655374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655374"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3976.json"
}
],
"title": "Red Hat Security Advisory: tcpdump security update",
"tracking": {
"current_release_date": "2024-11-22T13:53:07+00:00",
"generator": {
"date": "2024-11-22T13:53:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:3976",
"initial_release_date": "2019-11-26T14:28:52+00:00",
"revision_history": [
{
"date": "2019-11-26T14:28:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-11-26T14:28:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:53:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"product": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"product_id": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-4.el7_7.1?arch=x86_64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"product_id": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-4.el7_7.1?arch=x86_64\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-4.el7_7.1.src",
"product": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.src",
"product_id": "tcpdump-14:4.9.2-4.el7_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-4.el7_7.1?arch=src\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"product": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"product_id": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-4.el7_7.1?arch=s390x\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"product_id": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-4.el7_7.1?arch=s390x\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"product": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"product_id": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-4.el7_7.1?arch=ppc64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"product_id": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-4.el7_7.1?arch=ppc64\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"product": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"product_id": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-4.el7_7.1?arch=ppc64le\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"product_id": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-4.el7_7.1?arch=ppc64le\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.src",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Client-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.src",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.src",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Server-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.src",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"relates_to_product_reference": "7Workstation-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"relates_to_product_reference": "7Workstation-7.7.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-19519",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-11-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1655374"
}
],
"notes": [
{
"category": "description",
"text": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of tcpdump as shipped with Red Hat Enterprise Linux 7.\n\nThis issue did not affect the versions of tcpdump as shipped with Red Hat Enterprise Linux 5 and 6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19519"
},
{
"category": "external",
"summary": "RHBZ#1655374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19519",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19519"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19519",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19519"
}
],
"release_date": "2018-12-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-26T14:28:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Client-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Client-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7ComputeNode-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7ComputeNode-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Server-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Server-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.src",
"7Workstation-7.7.Z:tcpdump-14:4.9.2-4.el7_7.1.x86_64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.ppc64le",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.s390x",
"7Workstation-7.7.Z:tcpdump-debuginfo-14:4.9.2-4.el7_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap"
}
]
}
rhsa-2020_1604
Vulnerability from csaf_redhat
Published
2020-04-28 16:04
Modified
2024-11-22 13:53
Summary
Red Hat Security Advisory: tcpdump security update
Notes
Topic
An update for tcpdump is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
Security Fix(es):
* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tcpdump is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.\n\nSecurity Fix(es):\n\n* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1604",
"url": "https://access.redhat.com/errata/RHSA-2020:1604"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index"
},
{
"category": "external",
"summary": "1655374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655374"
},
{
"category": "external",
"summary": "1715423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715423"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1604.json"
}
],
"title": "Red Hat Security Advisory: tcpdump security update",
"tracking": {
"current_release_date": "2024-11-22T13:53:13+00:00",
"generator": {
"date": "2024-11-22T13:53:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:1604",
"initial_release_date": "2020-04-28T16:04:30+00:00",
"revision_history": [
{
"date": "2020-04-28T16:04:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-28T16:04:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:53:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-6.el8.ppc64le",
"product": {
"name": "tcpdump-14:4.9.2-6.el8.ppc64le",
"product_id": "tcpdump-14:4.9.2-6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-6.el8?arch=ppc64le\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"product": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"product_id": "tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debugsource@4.9.2-6.el8?arch=ppc64le\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"product_id": "tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-6.el8?arch=ppc64le\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-6.el8.s390x",
"product": {
"name": "tcpdump-14:4.9.2-6.el8.s390x",
"product_id": "tcpdump-14:4.9.2-6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-6.el8?arch=s390x\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"product": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"product_id": "tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debugsource@4.9.2-6.el8?arch=s390x\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"product_id": "tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-6.el8?arch=s390x\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-6.el8.x86_64",
"product": {
"name": "tcpdump-14:4.9.2-6.el8.x86_64",
"product_id": "tcpdump-14:4.9.2-6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-6.el8?arch=x86_64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debugsource-14:4.9.2-6.el8.x86_64",
"product": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.x86_64",
"product_id": "tcpdump-debugsource-14:4.9.2-6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debugsource@4.9.2-6.el8?arch=x86_64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"product_id": "tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-6.el8?arch=x86_64\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-6.el8.aarch64",
"product": {
"name": "tcpdump-14:4.9.2-6.el8.aarch64",
"product_id": "tcpdump-14:4.9.2-6.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-6.el8?arch=aarch64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"product": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"product_id": "tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debugsource@4.9.2-6.el8?arch=aarch64\u0026epoch=14"
}
}
},
{
"category": "product_version",
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"product": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"product_id": "tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump-debuginfo@4.9.2-6.el8?arch=aarch64\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-14:4.9.2-6.el8.src",
"product": {
"name": "tcpdump-14:4.9.2-6.el8.src",
"product_id": "tcpdump-14:4.9.2-6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tcpdump@4.9.2-6.el8?arch=src\u0026epoch=14"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.aarch64"
},
"product_reference": "tcpdump-14:4.9.2-6.el8.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.ppc64le"
},
"product_reference": "tcpdump-14:4.9.2-6.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.s390x"
},
"product_reference": "tcpdump-14:4.9.2-6.el8.s390x",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-6.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.src"
},
"product_reference": "tcpdump-14:4.9.2-6.el8.src",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-14:4.9.2-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.x86_64"
},
"product_reference": "tcpdump-14:4.9.2-6.el8.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.aarch64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.s390x"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debuginfo-14:4.9.2-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.x86_64"
},
"product_reference": "tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.aarch64"
},
"product_reference": "tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.ppc64le"
},
"product_reference": "tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.s390x"
},
"product_reference": "tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"relates_to_product_reference": "AppStream-8.2.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-debugsource-14:4.9.2-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.x86_64"
},
"product_reference": "tcpdump-debugsource-14:4.9.2-6.el8.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-19519",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-11-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1655374"
}
],
"notes": [
{
"category": "description",
"text": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of tcpdump as shipped with Red Hat Enterprise Linux 7.\n\nThis issue did not affect the versions of tcpdump as shipped with Red Hat Enterprise Linux 5 and 6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.src",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19519"
},
{
"category": "external",
"summary": "RHBZ#1655374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19519",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19519"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19519",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19519"
}
],
"release_date": "2018-12-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-28T16:04:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.src",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1604"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.src",
"AppStream-8.2.0.GA:tcpdump-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debuginfo-14:4.9.2-6.el8.x86_64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.aarch64",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.ppc64le",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.s390x",
"AppStream-8.2.0.GA:tcpdump-debugsource-14:4.9.2-6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap"
}
]
}
var-201811-0538
Vulnerability from variot
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization. tcpdump Contains an out-of-bounds vulnerability.Information may be obtained. TcpDump can completely intercept the data packets transmitted in the network for analysis. It supports filtering for the network layer, protocol, host, network or port, and provides logical statements such as and, or, not to help you remove useless information. The vulnerability stems from a lack of initialization. Tcpdump is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining complete control of the affected system. Tcpdump version 4.9.2 is vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Low: tcpdump security update Advisory ID: RHSA-2019:3976-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3976 Issue date: 2019-11-26 CVE Names: CVE-2018-19519 ==================================================================== 1. Summary:
An update for tcpdump is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
Security Fix(es):
- tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: tcpdump-4.9.2-4.el7_7.1.src.rpm
x86_64: tcpdump-4.9.2-4.el7_7.1.x86_64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: tcpdump-4.9.2-4.el7_7.1.src.rpm
x86_64: tcpdump-4.9.2-4.el7_7.1.x86_64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: tcpdump-4.9.2-4.el7_7.1.src.rpm
ppc64: tcpdump-4.9.2-4.el7_7.1.ppc64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.ppc64.rpm
ppc64le: tcpdump-4.9.2-4.el7_7.1.ppc64le.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.ppc64le.rpm
s390x: tcpdump-4.9.2-4.el7_7.1.s390x.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.s390x.rpm
x86_64: tcpdump-4.9.2-4.el7_7.1.x86_64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: tcpdump-4.9.2-4.el7_7.1.src.rpm
x86_64: tcpdump-4.9.2-4.el7_7.1.x86_64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-19519 https://access.redhat.com/security/updates/classification/#low
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXd0v59zjgjWX9erEAQiWURAAoSK275KjDThA2PXizWpBo5ooIKEnzrhB Vv1sjiBO6P3HQkMh3lB8/DRrYzzV9inK64X5d0C1xkJa4rhhc0NyVAfuaQ2y5NsT +JkUFMCpNC+veWj5+gGB2Ajamgm8DUYzvBh6DXjAX5s2hOqAYkvcikXCu6wACIF/ fv0w0UKpFowELfU6YMSFxxRT1jpRNCubyQPfhTfKz8RofghGabFqSBhzO4frWclT dA5FzPt+a+XL39fwCK3xzCl89O6F1sQJ1q7BoEmCUTPlM2sdr239w14uhJmT4tJL WHEUiLxwkV5pqMwEQy5cyGgX9g9kCQivEABqXqPQkKsYxaLOkzyVmzt51iTG8/b4 l87AyG6JksynDbm5sQVMn1x0RSOGibmGacAqsQImEK/wT/jRU8nzzGNJ6WrM0mwE x08Ra4UFmZJBZnSXZYu6cyxEHDK5I4ZUBbVGoAwXoN+Jm07jeswueo0HcHVvrWAy aj1RXCsyG6vZ+ds8lPQiiNPS0cxQvhmA71WKwA+EmOTpVJYAD8zud2wwC4df6inq 6US0CBocB68XhIZ7l70BZA/cWBI1fYZw84YFFBUo13Q0OiO5E/K6U3RaYrxXZQtI DYLWi968XjgaRlOAmY5KguDJCdg05P0c90kEpwriLnc3e+ArxHNfAcAbRkolmiWW GP1oftliVec=TVn3 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, ppc64le, s390x, x86_64
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. ========================================================================= Ubuntu Security Notice USN-4252-2 January 27, 2020
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Multiple security issues were discovered in tcpdump.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: tcpdump 4.9.3-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM: tcpdump 4.9.3-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes.
Security Fix(es):
-
golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
-
SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
-
grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624)
-
js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
-
npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)
-
kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)
-
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload (CVE-2020-7598)
-
npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)
-
nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)
-
jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
-
jQuery: passing HTML containing
-
grafana: stored XSS (CVE-2020-11110)
-
grafana: XSS annotation popup vulnerability (CVE-2020-12052)
-
grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
-
nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
-
golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
-
nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
-
openshift/console: text injection on error page via crafted url (CVE-2020-10715)
-
kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)
-
openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking 1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser 1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability 1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions 1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip 1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures 1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) 1850004 - CVE-2020-11023 jquery: Passing HTML containing
- Description:
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
Additional Changes:
This update also fixes several bugs and adds various enhancements.
This advisory contains the following OpenShift Virtualization 2.4.0 images:
RHEL-7-CNV-2.4
kubevirt-ssp-operator-container-v2.4.0-71
RHEL-8-CNV-2.4
virt-cdi-controller-container-v2.4.0-29 virt-cdi-uploadproxy-container-v2.4.0-29 hostpath-provisioner-container-v2.4.0-25 virt-cdi-operator-container-v2.4.0-29 kubevirt-metrics-collector-container-v2.4.0-18 cnv-containernetworking-plugins-container-v2.4.0-36 kubevirt-kvm-info-nfd-plugin-container-v2.4.0-18 hostpath-provisioner-operator-container-v2.4.0-31 virt-cdi-uploadserver-container-v2.4.0-29 virt-cdi-apiserver-container-v2.4.0-29 virt-controller-container-v2.4.0-58 virt-cdi-cloner-container-v2.4.0-29 kubevirt-template-validator-container-v2.4.0-21 vm-import-operator-container-v2.4.0-21 kubernetes-nmstate-handler-container-v2.4.0-37 node-maintenance-operator-container-v2.4.0-27 virt-operator-container-v2.4.0-58 kubevirt-v2v-conversion-container-v2.4.0-23 cnv-must-gather-container-v2.4.0-73 virtio-win-container-v2.4.0-15 kubevirt-cpu-node-labeller-container-v2.4.0-19 ovs-cni-plugin-container-v2.4.0-37 kubevirt-vmware-container-v2.4.0-21 hyperconverged-cluster-operator-container-v2.4.0-70 virt-handler-container-v2.4.0-58 virt-cdi-importer-container-v2.4.0-29 virt-launcher-container-v2.4.0-58 kubevirt-cpu-model-nfd-plugin-container-v2.4.0-17 virt-api-container-v2.4.0-58 ovs-cni-marker-container-v2.4.0-38 kubemacpool-container-v2.4.0-39 cluster-network-addons-operator-container-v2.4.0-38 bridge-marker-container-v2.4.0-39 vm-import-controller-container-v2.4.0-21 hco-bundle-registry-container-v2.3.0-497
- Bugs fixed (https://bugzilla.redhat.com/):
1684772 - virt-launcher images do not have the edk2-ovmf package installed 1716329 - missing Status, Version and Label for a number of CNV components, and Status term inconsistency 1724978 - [RFE][v2v] Improve the way we display progress percent in UI 1725672 - CDI: getting error with "unknown reason" when trying to create UploadTokenRequest for a none existing pvc 1727117 - [RFE] Reduce installed libvirt components 1780473 - Delete VM is hanging if the corresponding template does not exist anymore 1787213 - KubeMacpool may not work from time to time since it is skipped when we face certificate issue. 1789564 - Failed to allocate a SRIOV VF to VMI 1795889 - internal IP shown on VMI spec instead of public one on VMI with guest-agent 1796342 - VM Failing to start since hard disk not ready 1802554 - [SSP] cpu-feature-lahf_lm and Conroe are enabled on one worker (test issue) 1805044 - No mem/filesystem/Network Utilization in VM overview 1806288 - [CDI] fails to import images that comes from url that reject HEAD requests 1806436 - [SSP] Windows common templates - Windows10 should be removed from windows-server templates, windows-server should not have desktop version 1811111 - All the VM templates are visible in the developer catalog but not really/easily instantiable 1811417 - Failed to install cnv-2.4 on top of ocp 4.4 (hco operator in crashLoopBackOff state) 1816518 - [SSP] Common templates - template name under objects -> metadata -> labels should be identical to the template actual name 1817080 - node maintenance CRD is marked with NonStructuralSchema condition 1819252 - kubevirt-ssp-operator cannot create ServiceMonitor object 1820651 - CDI import fails using block volume (available size -1) 1821209 - Debug log message looks unprofessional 1822079 - nmstate-handler fails to start and keeps restarting 1822315 - status.desiredState: doesn't pick the correct value and is null 1823342 - Invalid qcow2 image causes HTTP range error and difficult to read stack trace 1823699 - [CNV-2.4] Failing to deploy NetworkAddons 1823701 - [CNV-2.4] when a single component is failing, HCO can continue reporting outdated negative conditions also on other components 1825801 - [CNV-2.4] Failing to deploy due issues in CRD of cluster network operator 1826044 - [CNV-2.4] Failing to deploy due issues in CRD of cluster host-path-provisioner operator 1827257 - VMs' connectivity is available even the two VMs are in different vlan 1828401 - misconfigured prow job e2e-aws-4.5-cnv resulting in step e2e-aws failed: step needs a lease but no lease client provided 1829376 - VMs with blank block volumes fail to spin up 1830780 - virt-v2v-wrapper - 0% VM migration progress in UI 1831536 - kubevirt-{handler,apiserver,controller} service accounts added to the privileged SCC 1832179 - [virt] VM with runStrategy attribute (instead of 'running' attribute) does not have 'RUNNING' state in cli 1832283 - [SSP operator] Common templates and template_validator are missing after clean installation 1832291 - SSP installation is successful even with some components missing 1832769 - [kubevirt version] is not reported correctly 1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters 1833376 - Hardcoded VMware-vix-disklib version 6 - import fail with version 7 1833786 - kubevirt hyperconverged-cluster-operator deploy_marketplace.sh fails in disconnected cluster 1834253 - VMs are stuck in Starting state 1835242 - Can't query SSP CRs after upgrade from 2.3 to 2.4 1835426 - [RFE] Provide a clear error message when VM and VMI name does not match 1836792 - [CNV deployment] kubevirt components are missing 1837182 - VMI virt-launcher reaches Error state after running for 10-24 hours 1837670 - Specifying "Ubuntu 18.04 LTS" force the Conroe CPU model 1838066 - [CNV deployment] kubevirt failing to create cpu-plugin-configmap obsoleteCPUs 1838424 - [Installation] CNV 2.4.0 virt-handler and kubevirt-node-labeller pods are not showing up 1839982 - [CNV][DOC] Lack of explanation for StorageClass default accessMode in openshift-cnv kubevirt-storage-class-defaults 1840047 - [CNV-2.4] virt-handler failing on /usr/bin/container-disk: no such file or directory 1840220 - [CNV-2.4] node-maintenance-operator failing to create deployment - invalid format of manifest 1840652 - Upgrade indication is missing 1841065 - [v2v] RHV to CNV: VM import fail on network mapping validation 1841325 - [CNV][V2V] VM migration fails if VMWare host isn't under Cluster but directly under Datacenter 1841505 - [CNV-2.4] virt-template-validator container fails to start 1842869 - vmi cannot be scheduled, because node labeller doesn't report correct labels 1842958 - [SSP] Fail to create Windows VMs from templates - windows-cd-bus validation added but cdrom is missing from the template 1843219 - node-labeller SCC is privileged, which appears too relaxed 1843456 - virt-launcher goes from running to error state due to panic: timed out waiting for domain to be defined 1843467 - [CNV network KMP] kubemacpool causes worker node to be Ready,SchedulingDisabled 1843519 - HCO CR is not listed when running "kubectl get all" from command line 1843948 - [Network operator] Upgrade from 2.3 to 2.4 - Network operator fails to upgrade ovs-cni pods, upgrade is not completed 1844057 - [CNV-2.4] cluster-network-addons-operator failing to start 1844105 - [SSP operator] Upgrade from 2.3.0 to 2.4.0- SSP operator fails to upgrade node labeller and template validator 1844907 - kubemacpool deployment status errors regarding replicas 1845060 - Node-labeller is in pending state when node doesn't have kvm device 1845061 - Version displayed in Container Native Virtualization OperatorHub side panel 1845477 - [SSP] Template validator fails to "Extract the CA bundle"; template validator is not called when a VM is created 1845557 - [CNV-2.4] template validator webhook fails with certification issues 1845604 - [v2v] RHV to CNV VM import: Prevent a second vm-import from starting. 1845899 - [CNV-2.5] cluster-network-addons-operator failing to start 1845901 - Filesystem corruption related to smart clone 1847070 - vmi cannot be scheduled , qemu-kvm core dump 1847594 - pods in openshift-cnv namespace no longer have openshift.io/scc under metadata.annotations 1848004 - [CNV-2.5] Deployment fails on NetworkAddonsConfigNotAvailable 1848007 - [CNV-2.4] Deployment fails on NetworkAddonsConfigNotAvailable 1848951 - CVE-2020-14316 kubevirt: VMIs can be used to access host files 1849527 - [v2v] [api] VM import RHV to CNV importer should stop send requests to RHV if they are rejected because of wrong user/pass 1849915 - [v2v] VM import RHV to CNV: The timezone data is not available in the vm-import-controller image. 1850425 - [v2v][VM import RHV to CNV] Add validation for network target type in network mapping 1850467 - [v2v] [api] VM import RHV to CNV invalid target network type should not crash the controller 1850482 - [v2v][VM import from RHV to CNV] 2 nics are mapped to a new network though second was mapped to pod. 1850937 - kubemacpool fails in a specific order of components startup 1851856 - Deployment not progressing due to PriorityClass missing 1851886 - [CNV][V2V] VMWare pod is failing when running wizard to migrate from RHV 1852446 - [v2v][RHV to CNV VM import] Windows10 VM import fail on: timezone is not UTC-compatible 1853028 - CNV must-gather failure on CNV-QE BM-RHCOS environment 1853133 - [CNV-2.4] Deployment fails on KubeVirtMetricsAggregationNotAvailable 1853373 - virtctl image-upload fails to upload an image if the dv name includes a "." 1854419 - [Re-brand] Align CSV 1854744 - To stabilize some tests I need to backport PRs which change production code 1855256 - [v2v][RHV to CNV VM import] Empty directories created for vm-import-operator/controller logs in cnv-must-gather 1856438 - [CNAO] Upgrade is not completed (wrong operatorVersion), CR is not updated. 1856447 - CNV upgrade - HCO fails to identify wrong observedVersion in CR, HCO is reported as READY 1856979 - Domain notify errors break VMI migrations and graceful shutdown
5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0538",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tcpdump",
"scope": "eq",
"trust": 2.6,
"vendor": "tcpdump",
"version": "4.9.2"
},
{
"model": "tcpdump",
"scope": "eq",
"trust": 0.8,
"vendor": "the tcpdump group",
"version": "4.9.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "BID",
"id": "106098"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19519"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sam Fowler,Ubuntu,Red Hat",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
],
"trust": 0.6
},
"cve": "CVE-2018-19519",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-19519",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-41451",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-19519",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-19519",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-41451",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-665",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-19519",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization. tcpdump Contains an out-of-bounds vulnerability.Information may be obtained. TcpDump can completely intercept the data packets transmitted in the network for analysis. It supports filtering for the network layer, protocol, host, network or port, and provides logical statements such as and, or, not to help you remove useless information. The vulnerability stems from a lack of initialization. Tcpdump is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining complete control of the affected system. \nTcpdump version 4.9.2 is vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Low: tcpdump security update\nAdvisory ID: RHSA-2019:3976-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3976\nIssue date: 2019-11-26\nCVE Names: CVE-2018-19519\n====================================================================\n1. Summary:\n\nAn update for tcpdump is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe tcpdump packages contain the tcpdump utility for monitoring network\ntraffic. The tcpdump utility can capture and display the packet headers on\na particular network interface or on all interfaces. \n\nSecurity Fix(es):\n\n* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via\ncrafted pcap (CVE-2018-19519)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ntcpdump-4.9.2-4.el7_7.1.src.rpm\n\nx86_64:\ntcpdump-4.9.2-4.el7_7.1.x86_64.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ntcpdump-4.9.2-4.el7_7.1.src.rpm\n\nx86_64:\ntcpdump-4.9.2-4.el7_7.1.x86_64.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ntcpdump-4.9.2-4.el7_7.1.src.rpm\n\nppc64:\ntcpdump-4.9.2-4.el7_7.1.ppc64.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.ppc64.rpm\n\nppc64le:\ntcpdump-4.9.2-4.el7_7.1.ppc64le.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.ppc64le.rpm\n\ns390x:\ntcpdump-4.9.2-4.el7_7.1.s390x.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.s390x.rpm\n\nx86_64:\ntcpdump-4.9.2-4.el7_7.1.x86_64.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ntcpdump-4.9.2-4.el7_7.1.src.rpm\n\nx86_64:\ntcpdump-4.9.2-4.el7_7.1.x86_64.rpm\ntcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-19519\nhttps://access.redhat.com/security/updates/classification/#low\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXd0v59zjgjWX9erEAQiWURAAoSK275KjDThA2PXizWpBo5ooIKEnzrhB\nVv1sjiBO6P3HQkMh3lB8/DRrYzzV9inK64X5d0C1xkJa4rhhc0NyVAfuaQ2y5NsT\n+JkUFMCpNC+veWj5+gGB2Ajamgm8DUYzvBh6DXjAX5s2hOqAYkvcikXCu6wACIF/\nfv0w0UKpFowELfU6YMSFxxRT1jpRNCubyQPfhTfKz8RofghGabFqSBhzO4frWclT\ndA5FzPt+a+XL39fwCK3xzCl89O6F1sQJ1q7BoEmCUTPlM2sdr239w14uhJmT4tJL\nWHEUiLxwkV5pqMwEQy5cyGgX9g9kCQivEABqXqPQkKsYxaLOkzyVmzt51iTG8/b4\nl87AyG6JksynDbm5sQVMn1x0RSOGibmGacAqsQImEK/wT/jRU8nzzGNJ6WrM0mwE\nx08Ra4UFmZJBZnSXZYu6cyxEHDK5I4ZUBbVGoAwXoN+Jm07jeswueo0HcHVvrWAy\naj1RXCsyG6vZ+ds8lPQiiNPS0cxQvhmA71WKwA+EmOTpVJYAD8zud2wwC4df6inq\n6US0CBocB68XhIZ7l70BZA/cWBI1fYZw84YFFBUo13Q0OiO5E/K6U3RaYrxXZQtI\nDYLWi968XjgaRlOAmY5KguDJCdg05P0c90kEpwriLnc3e+ArxHNfAcAbRkolmiWW\nGP1oftliVec=TVn3\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.2 Release Notes linked from the References section. =========================================================================\nUbuntu Security Notice USN-4252-2\nJanuary 27, 2020\n\ntcpdump vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in tcpdump. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n Multiple security issues were discovered in tcpdump. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n tcpdump 4.9.3-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n tcpdump 4.9.3-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. \n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows\nfor panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table\nPanel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of\nservice or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular\nexpressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code\nexecution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying\nproperties of Object.prototype using a constructor or __proto__ payload\n(CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in\nSec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function\n(CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter\nmethod (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods\ncould result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of\nsignature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in\nencoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate\nfunction (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url\n(CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking\n(CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets\n(CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nFor OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)\n1701972 - CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection\n1767665 - CVE-2020-10715 openshift/console: text injection on error page via crafted url\n1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic\n1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1834550 - CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking\n1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser\n1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability\n1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions\n1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip\n1848647 - CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures\n1849044 - CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)\n1850004 - CVE-2020-11023 jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution\n1850572 - CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1857412 - CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function\n1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function\n1858981 - CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets\n1861044 - CVE-2020-11110 grafana: stored XSS\n1874671 - CVE-2020-14336 ose-machine-config-operator-container: openshift: restricted SCC allows pods to craft custom network packets [openshift-4]\n\n5. Description:\n\nOpenShift Virtualization is Red Hat\u0027s virtualization solution designed for\nRed Hat OpenShift Container Platform. \n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. \n\nThis advisory contains the following OpenShift Virtualization 2.4.0 images:\n\nRHEL-7-CNV-2.4\n==============\nkubevirt-ssp-operator-container-v2.4.0-71\n\nRHEL-8-CNV-2.4\n==============\nvirt-cdi-controller-container-v2.4.0-29\nvirt-cdi-uploadproxy-container-v2.4.0-29\nhostpath-provisioner-container-v2.4.0-25\nvirt-cdi-operator-container-v2.4.0-29\nkubevirt-metrics-collector-container-v2.4.0-18\ncnv-containernetworking-plugins-container-v2.4.0-36\nkubevirt-kvm-info-nfd-plugin-container-v2.4.0-18\nhostpath-provisioner-operator-container-v2.4.0-31\nvirt-cdi-uploadserver-container-v2.4.0-29\nvirt-cdi-apiserver-container-v2.4.0-29\nvirt-controller-container-v2.4.0-58\nvirt-cdi-cloner-container-v2.4.0-29\nkubevirt-template-validator-container-v2.4.0-21\nvm-import-operator-container-v2.4.0-21\nkubernetes-nmstate-handler-container-v2.4.0-37\nnode-maintenance-operator-container-v2.4.0-27\nvirt-operator-container-v2.4.0-58\nkubevirt-v2v-conversion-container-v2.4.0-23\ncnv-must-gather-container-v2.4.0-73\nvirtio-win-container-v2.4.0-15\nkubevirt-cpu-node-labeller-container-v2.4.0-19\novs-cni-plugin-container-v2.4.0-37\nkubevirt-vmware-container-v2.4.0-21\nhyperconverged-cluster-operator-container-v2.4.0-70\nvirt-handler-container-v2.4.0-58\nvirt-cdi-importer-container-v2.4.0-29\nvirt-launcher-container-v2.4.0-58\nkubevirt-cpu-model-nfd-plugin-container-v2.4.0-17\nvirt-api-container-v2.4.0-58\novs-cni-marker-container-v2.4.0-38\nkubemacpool-container-v2.4.0-39\ncluster-network-addons-operator-container-v2.4.0-38\nbridge-marker-container-v2.4.0-39\nvm-import-controller-container-v2.4.0-21\nhco-bundle-registry-container-v2.3.0-497\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1684772 - virt-launcher images do not have the edk2-ovmf package installed\n1716329 - missing Status, Version and Label for a number of CNV components, and Status term inconsistency\n1724978 - [RFE][v2v] Improve the way we display progress percent in UI\n1725672 - CDI: getting error with \"unknown reason\" when trying to create UploadTokenRequest for a none existing pvc\n1727117 - [RFE] Reduce installed libvirt components\n1780473 - Delete VM is hanging if the corresponding template does not exist anymore\n1787213 - KubeMacpool may not work from time to time since it is skipped when we face certificate issue. \n1789564 - Failed to allocate a SRIOV VF to VMI\n1795889 - internal IP shown on VMI spec instead of public one on VMI with guest-agent\n1796342 - VM Failing to start since hard disk not ready\n1802554 - [SSP] cpu-feature-lahf_lm and Conroe are enabled on one worker (test issue)\n1805044 - No mem/filesystem/Network Utilization in VM overview\n1806288 - [CDI] fails to import images that comes from url that reject HEAD requests\n1806436 - [SSP] Windows common templates - Windows10 should be removed from windows-server* templates, windows-server* should not have desktop version\n1811111 - All the VM templates are visible in the developer catalog but not really/easily instantiable\n1811417 - Failed to install cnv-2.4 on top of ocp 4.4 (hco operator in crashLoopBackOff state)\n1816518 - [SSP] Common templates - template name under objects -\u003e metadata -\u003e labels should be identical to the template actual name\n1817080 - node maintenance CRD is marked with NonStructuralSchema condition\n1819252 - kubevirt-ssp-operator cannot create ServiceMonitor object\n1820651 - CDI import fails using block volume (available size -1)\n1821209 - Debug log message looks unprofessional\n1822079 - nmstate-handler fails to start and keeps restarting\n1822315 - status.desiredState: doesn\u0027t pick the correct value and is null\n1823342 - Invalid qcow2 image causes HTTP range error and difficult to read stack trace\n1823699 - [CNV-2.4] Failing to deploy NetworkAddons\n1823701 - [CNV-2.4] when a single component is failing, HCO can continue reporting outdated negative conditions also on other components\n1825801 - [CNV-2.4] Failing to deploy due issues in CRD of cluster network operator\n1826044 - [CNV-2.4] Failing to deploy due issues in CRD of cluster host-path-provisioner operator\n1827257 - VMs\u0027 connectivity is available even the two VMs are in different vlan\n1828401 - misconfigured prow job e2e-aws-4.5-cnv resulting in step e2e-aws failed: step needs a lease but no lease client provided\n1829376 - VMs with blank block volumes fail to spin up\n1830780 - virt-v2v-wrapper - 0% VM migration progress in UI\n1831536 - kubevirt-{handler,apiserver,controller} service accounts added to the privileged SCC\n1832179 - [virt] VM with runStrategy attribute (instead of \u0027running\u0027 attribute) does not have \u0027RUNNING\u0027 state in cli\n1832283 - [SSP operator] Common templates and template_validator are missing after clean installation\n1832291 - SSP installation is successful even with some components missing\n1832769 - [kubevirt version] is not reported correctly\n1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters\n1833376 - Hardcoded VMware-vix-disklib version 6 - import fail with version 7\n1833786 - kubevirt hyperconverged-cluster-operator deploy_marketplace.sh fails in disconnected cluster\n1834253 - VMs are stuck in Starting state\n1835242 - Can\u0027t query SSP CRs after upgrade from 2.3 to 2.4\n1835426 - [RFE] Provide a clear error message when VM and VMI name does not match\n1836792 - [CNV deployment] kubevirt components are missing\n1837182 - VMI virt-launcher reaches Error state after running for 10-24 hours\n1837670 - Specifying \"Ubuntu 18.04 LTS\" force the Conroe CPU model\n1838066 - [CNV deployment] kubevirt failing to create cpu-plugin-configmap obsoleteCPUs\n1838424 - [Installation] CNV 2.4.0 virt-handler and kubevirt-node-labeller pods are not showing up\n1839982 - [CNV][DOC] Lack of explanation for StorageClass default accessMode in openshift-cnv kubevirt-storage-class-defaults\n1840047 - [CNV-2.4] virt-handler failing on /usr/bin/container-disk: no such file or directory\n1840220 - [CNV-2.4] node-maintenance-operator failing to create deployment - invalid format of manifest\n1840652 - Upgrade indication is missing\n1841065 - [v2v] RHV to CNV: VM import fail on network mapping validation\n1841325 - [CNV][V2V] VM migration fails if VMWare host isn\u0027t under Cluster but directly under Datacenter\n1841505 - [CNV-2.4] virt-template-validator container fails to start\n1842869 - vmi cannot be scheduled, because node labeller doesn\u0027t report correct labels\n1842958 - [SSP] Fail to create Windows VMs from templates - windows-cd-bus validation added but cdrom is missing from the template\n1843219 - node-labeller SCC is privileged, which appears too relaxed\n1843456 - virt-launcher goes from running to error state due to panic: timed out waiting for domain to be defined\n1843467 - [CNV network KMP] kubemacpool causes worker node to be Ready,SchedulingDisabled\n1843519 - HCO CR is not listed when running \"kubectl get all\" from command line\n1843948 - [Network operator] Upgrade from 2.3 to 2.4 - Network operator fails to upgrade ovs-cni pods, upgrade is not completed\n1844057 - [CNV-2.4] cluster-network-addons-operator failing to start\n1844105 - [SSP operator] Upgrade from 2.3.0 to 2.4.0- SSP operator fails to upgrade node labeller and template validator\n1844907 - kubemacpool deployment status errors regarding replicas\n1845060 - Node-labeller is in pending state when node doesn\u0027t have kvm device\n1845061 - Version displayed in Container Native Virtualization OperatorHub side panel\n1845477 - [SSP] Template validator fails to \"Extract the CA bundle\"; template validator is not called when a VM is created\n1845557 - [CNV-2.4] template validator webhook fails with certification issues\n1845604 - [v2v] RHV to CNV VM import: Prevent a second vm-import from starting. \n1845899 - [CNV-2.5] cluster-network-addons-operator failing to start\n1845901 - Filesystem corruption related to smart clone\n1847070 - vmi cannot be scheduled , qemu-kvm core dump\n1847594 - pods in openshift-cnv namespace no longer have openshift.io/scc under metadata.annotations\n1848004 - [CNV-2.5] Deployment fails on NetworkAddonsConfigNotAvailable\n1848007 - [CNV-2.4] Deployment fails on NetworkAddonsConfigNotAvailable\n1848951 - CVE-2020-14316 kubevirt: VMIs can be used to access host files\n1849527 - [v2v] [api] VM import RHV to CNV importer should stop send requests to RHV if they are rejected because of wrong user/pass\n1849915 - [v2v] VM import RHV to CNV: The timezone data is not available in the vm-import-controller image. \n1850425 - [v2v][VM import RHV to CNV] Add validation for network target type in network mapping\n1850467 - [v2v] [api] VM import RHV to CNV invalid target network type should not crash the controller\n1850482 - [v2v][VM import from RHV to CNV] 2 nics are mapped to a new network though second was mapped to pod. \n1850937 - kubemacpool fails in a specific order of components startup\n1851856 - Deployment not progressing due to PriorityClass missing\n1851886 - [CNV][V2V] VMWare pod is failing when running wizard to migrate from RHV\n1852446 - [v2v][RHV to CNV VM import] Windows10 VM import fail on: timezone is not UTC-compatible\n1853028 - CNV must-gather failure on CNV-QE BM-RHCOS environment\n1853133 - [CNV-2.4] Deployment fails on KubeVirtMetricsAggregationNotAvailable\n1853373 - virtctl image-upload fails to upload an image if the dv name includes a \".\"\n1854419 - [Re-brand] Align CSV\n1854744 - To stabilize some tests I need to backport PRs which change production code\n1855256 - [v2v][RHV to CNV VM import] Empty directories created for vm-import-operator/controller logs in cnv-must-gather\n1856438 - [CNAO] Upgrade is not completed (wrong operatorVersion), CR is not updated. \n1856447 - CNV upgrade - HCO fails to identify wrong observedVersion in CR, HCO is reported as READY\n1856979 - Domain notify errors break VMI migrations and graceful shutdown\n\n5",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "BID",
"id": "106098"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "PACKETSTORM",
"id": "155468"
},
{
"db": "PACKETSTORM",
"id": "156096"
},
{
"db": "PACKETSTORM",
"id": "157466"
},
{
"db": "PACKETSTORM",
"id": "156097"
},
{
"db": "PACKETSTORM",
"id": "159727"
},
{
"db": "PACKETSTORM",
"id": "158637"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19519",
"trust": 4.0
},
{
"db": "BID",
"id": "106098",
"trust": 2.0
},
{
"db": "PULSESECURE",
"id": "SA44516",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "155468",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "157466",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156097",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159727",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "158637",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-41451",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2593",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4489",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1538",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0289",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3700",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0593",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-19519",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "156096",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "BID",
"id": "106098"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "PACKETSTORM",
"id": "155468"
},
{
"db": "PACKETSTORM",
"id": "156096"
},
{
"db": "PACKETSTORM",
"id": "157466"
},
{
"db": "PACKETSTORM",
"id": "156097"
},
{
"db": "PACKETSTORM",
"id": "159727"
},
{
"db": "PACKETSTORM",
"id": "158637"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"id": "VAR-201811-0538",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
}
]
},
"last_update_date": "2023-12-18T10:48:59.880000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.tcpdump.org/"
},
{
"title": "Red Hat: Low: tcpdump security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20193976 - security advisory"
},
{
"title": "Red Hat: Low: tcpdump security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20201604 - security advisory"
},
{
"title": "Red Hat: CVE-2018-19519",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2018-19519"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerability in tcpdump affects AIX (CVE-2018-19519) Security Bulletin",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=59fd3d8b6912a340a48ce5972041189c"
},
{
"title": "Amazon Linux 2: ALAS2-2020-1385",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2020-1385"
},
{
"title": "Ubuntu Security Notice: tcpdump vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4252-2"
},
{
"title": "Ubuntu Security Notice: tcpdump vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4252-1"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
},
{
"problemtype": "CWE-909",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.securityfocus.com/bid/106098"
},
{
"trust": 2.8,
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"trust": 2.4,
"url": "https://access.redhat.com/errata/rhsa-2019:3976"
},
{
"trust": 2.3,
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"trust": 2.2,
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19519"
},
{
"trust": 1.6,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44516"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/cve/cve-2018-19519"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62xy42u6hy3h2apr5ehnwcz7saqnmmjn/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fnyxf3iy2x65iod422sa6equulsgw7fn/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/r2udposgvjqiyc33sqbxmdxhh4qdsdmu/"
},
{
"trust": 0.9,
"url": "http://www.tcpdump.org/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19519"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62xy42u6hy3h2apr5ehnwcz7saqnmmjn/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fnyxf3iy2x65iod422sa6equulsgw7fn/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/r2udposgvjqiyc33sqbxmdxhh4qdsdmu/"
},
{
"trust": 0.6,
"url": "http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory4.asc"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873086"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3700/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155468/red-hat-security-advisory-2019-3976-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1538/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158637/red-hat-security-advisory-2020-3194-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157466/red-hat-security-advisory-2020-1604-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76122"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4489/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2593/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0289/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156097/ubuntu-security-notice-usn-4252-2.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-a-tcpdump-vulnerability-cve-2018-19519/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159727/red-hat-security-advisory-2020-4298-01.html"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16808"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14882"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4252-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14462"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14466"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16230"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14470"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20852"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19126"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-12448"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1549"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9251"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17451"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20060"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1547"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5482"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20060"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-11324"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19925"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1010204"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11324"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11236"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5481"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12447"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12049"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5436"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13753"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-12447"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5094"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-3844"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20852"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1010180"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-3825"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-18074"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20337"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19923"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14822"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14404"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-12449"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8457"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-15847"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-11236"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19924"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-14404"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1010204"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1563"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-16056"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20337"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18074"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19959"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-3843"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1010180"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12449"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-9251"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12448"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11008"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=59195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:1604"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4252-2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8768"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8535"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10743"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20657"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8611"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8203"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6251"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11070"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7150"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7664"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8607"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12052"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8623"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15366"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8690"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3822"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3823"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7146"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7013"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8524"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-10739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16890"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8536"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8671"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8544"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8571"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15719"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8677"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-18624"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8595"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11459"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8679"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12795"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20657"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6454"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14336"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4298"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8622"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7598"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8681"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8523"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6237"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-6706"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8673"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8559"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13822"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16769"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8672"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11023"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8608"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7662"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8615"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7665"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8666"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5953"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8689"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14498"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12245"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8726"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8596"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8610"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18408"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13636"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16890"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11070"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14498"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7149"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10739"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8584"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8675"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8563"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10531"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8609"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9283"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8587"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-18751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8506"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18624"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11022"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8583"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8597"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19807"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14563"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10754"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13777"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11501"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-7263"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8616"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1549"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16056"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12888"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13753"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12662"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7263"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14822"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10757"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10766"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10768"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14316"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12653"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18934"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10767"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1547"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15847"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12654"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "BID",
"id": "106098"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "PACKETSTORM",
"id": "155468"
},
{
"db": "PACKETSTORM",
"id": "156096"
},
{
"db": "PACKETSTORM",
"id": "157466"
},
{
"db": "PACKETSTORM",
"id": "156097"
},
{
"db": "PACKETSTORM",
"id": "159727"
},
{
"db": "PACKETSTORM",
"id": "158637"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"db": "BID",
"id": "106098"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"db": "PACKETSTORM",
"id": "155468"
},
{
"db": "PACKETSTORM",
"id": "156096"
},
{
"db": "PACKETSTORM",
"id": "157466"
},
{
"db": "PACKETSTORM",
"id": "156097"
},
{
"db": "PACKETSTORM",
"id": "159727"
},
{
"db": "PACKETSTORM",
"id": "158637"
},
{
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"date": "2018-11-25T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"date": "2018-12-03T00:00:00",
"db": "BID",
"id": "106098"
},
{
"date": "2019-02-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"date": "2019-11-26T17:22:11",
"db": "PACKETSTORM",
"id": "155468"
},
{
"date": "2020-01-27T22:54:52",
"db": "PACKETSTORM",
"id": "156096"
},
{
"date": "2020-04-28T20:39:49",
"db": "PACKETSTORM",
"id": "157466"
},
{
"date": "2020-01-27T22:55:02",
"db": "PACKETSTORM",
"id": "156097"
},
{
"date": "2020-10-27T16:59:02",
"db": "PACKETSTORM",
"id": "159727"
},
{
"date": "2020-07-29T00:06:36",
"db": "PACKETSTORM",
"id": "158637"
},
{
"date": "2018-11-25T20:29:00.273000",
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"date": "2018-11-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-41451"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19519"
},
{
"date": "2018-12-03T00:00:00",
"db": "BID",
"id": "106098"
},
{
"date": "2019-02-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012466"
},
{
"date": "2023-11-07T02:55:34.093000",
"db": "NVD",
"id": "CVE-2018-19519"
},
{
"date": "2020-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "tcpdump Vulnerable to out-of-bounds reading",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012466"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-665"
}
],
"trust": 0.6
}
}
gsd-2018-19519
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-19519",
"description": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"id": "GSD-2018-19519",
"references": [
"https://www.suse.com/security/cve/CVE-2018-19519.html",
"https://access.redhat.com/errata/RHSA-2020:1604",
"https://access.redhat.com/errata/RHSA-2019:3976",
"https://ubuntu.com/security/CVE-2018-19519",
"https://advisories.mageia.org/CVE-2018-19519.html",
"https://linux.oracle.com/cve/CVE-2018-19519.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-19519"
],
"details": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"id": "GSD-2018-19519",
"modified": "2023-12-13T01:22:38.952351Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106098"
},
{
"name": "https://github.com/zyingp/temp/blob/master/tcpdump.md",
"refsource": "MISC",
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "RHSA-2019:3976",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tcpdump:tcpdump:4.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19519"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-909"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zyingp/temp/blob/master/tcpdump.md",
"refsource": "MISC",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"name": "106098",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106098"
},
{
"name": "FEDORA-2019-85d92df70f",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"name": "FEDORA-2019-d06bc63433",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"name": "FEDORA-2019-6db0d5b9d9",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/"
},
{
"name": "RHSA-2019:3976",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"name": "USN-4252-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4252-2/"
},
{
"name": "USN-4252-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4252-1/"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516",
"refsource": "CONFIRM",
"tags": [],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-08-24T17:37Z",
"publishedDate": "2018-11-25T20:29Z"
}
}
}
ghsa-7252-xx9j-xr4g
Vulnerability from github
Published
2022-05-13 01:19
Modified
2022-05-13 01:19
Severity ?
Details
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
{
"affected": [],
"aliases": [
"CVE-2018-19519"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-25T20:29:00Z",
"severity": "MODERATE"
},
"details": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.",
"id": "GHSA-7252-xx9j-xr4g",
"modified": "2022-05-13T01:19:48Z",
"published": "2022-05-13T01:19:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19519"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3976"
},
{
"type": "WEB",
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"type": "WEB",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4252-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4252-2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106098"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.