Vulnerability from csaf_suse
Published
2017-10-26 07:44
Modified
2017-10-26 07:44
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump to version 4.9.2 fixes several issues.
These security issues were fixed:
- CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).
- CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).
- CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)
- CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).
- CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)
- Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)
Patchnames
SUSE-SLE-DESKTOP-12-SP2-2017-1776,SUSE-SLE-DESKTOP-12-SP3-2017-1776,SUSE-SLE-RPI-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP3-2017-1776
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for tcpdump", title: "Title of the patch", }, { category: "description", text: "This update for tcpdump to version 4.9.2 fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).\n- CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)\n- CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)\n- CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)\n- CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n- Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-DESKTOP-12-SP2-2017-1776,SUSE-SLE-DESKTOP-12-SP3-2017-1776,SUSE-SLE-RPI-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP3-2017-1776", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2854-1.json", }, { category: "self", summary: "URL for SUSE-SU-2017:2854-1", url: "https://www.suse.com/support/update/announcement/2017/suse-su-20172854-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2017:2854-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003355.html", }, { category: "self", summary: "SUSE Bug 1047873", url: "https://bugzilla.suse.com/1047873", }, { category: "self", summary: "SUSE Bug 1057247", url: "https://bugzilla.suse.com/1057247", }, { category: "self", summary: "SUSE CVE CVE-2017-11108 page", url: "https://www.suse.com/security/cve/CVE-2017-11108/", }, { category: "self", summary: "SUSE CVE CVE-2017-11541 page", url: "https://www.suse.com/security/cve/CVE-2017-11541/", }, { category: "self", summary: "SUSE CVE CVE-2017-11542 page", url: "https://www.suse.com/security/cve/CVE-2017-11542/", }, { category: "self", summary: "SUSE CVE CVE-2017-11543 page", url: "https://www.suse.com/security/cve/CVE-2017-11543/", }, { category: "self", summary: "SUSE CVE CVE-2017-12893 page", url: "https://www.suse.com/security/cve/CVE-2017-12893/", }, { category: "self", summary: "SUSE CVE CVE-2017-12894 page", url: "https://www.suse.com/security/cve/CVE-2017-12894/", }, { category: "self", summary: "SUSE CVE CVE-2017-12895 page", url: "https://www.suse.com/security/cve/CVE-2017-12895/", }, { category: "self", summary: "SUSE CVE CVE-2017-12896 page", url: "https://www.suse.com/security/cve/CVE-2017-12896/", }, { category: "self", summary: "SUSE CVE CVE-2017-12897 page", url: "https://www.suse.com/security/cve/CVE-2017-12897/", }, { category: "self", summary: "SUSE CVE CVE-2017-12898 page", url: "https://www.suse.com/security/cve/CVE-2017-12898/", }, { category: "self", summary: "SUSE CVE CVE-2017-12899 page", url: "https://www.suse.com/security/cve/CVE-2017-12899/", }, { category: "self", summary: "SUSE CVE CVE-2017-12900 page", url: "https://www.suse.com/security/cve/CVE-2017-12900/", }, { category: "self", summary: "SUSE CVE CVE-2017-12901 page", url: "https://www.suse.com/security/cve/CVE-2017-12901/", }, { category: "self", summary: "SUSE CVE CVE-2017-12902 page", url: "https://www.suse.com/security/cve/CVE-2017-12902/", }, { category: "self", summary: "SUSE CVE CVE-2017-12985 page", url: "https://www.suse.com/security/cve/CVE-2017-12985/", }, { category: "self", summary: "SUSE CVE CVE-2017-12986 page", url: "https://www.suse.com/security/cve/CVE-2017-12986/", }, { category: "self", summary: "SUSE CVE CVE-2017-12987 page", url: "https://www.suse.com/security/cve/CVE-2017-12987/", }, { category: "self", summary: "SUSE CVE CVE-2017-12988 page", url: "https://www.suse.com/security/cve/CVE-2017-12988/", }, { category: "self", summary: "SUSE CVE CVE-2017-12989 page", url: "https://www.suse.com/security/cve/CVE-2017-12989/", }, { category: "self", summary: "SUSE CVE CVE-2017-12990 page", url: "https://www.suse.com/security/cve/CVE-2017-12990/", }, { category: "self", summary: "SUSE CVE CVE-2017-12991 page", url: "https://www.suse.com/security/cve/CVE-2017-12991/", }, { category: "self", summary: "SUSE CVE CVE-2017-12992 page", url: "https://www.suse.com/security/cve/CVE-2017-12992/", }, { category: "self", summary: "SUSE CVE CVE-2017-12993 page", url: "https://www.suse.com/security/cve/CVE-2017-12993/", }, { category: "self", summary: "SUSE CVE CVE-2017-12994 page", url: "https://www.suse.com/security/cve/CVE-2017-12994/", }, { category: "self", summary: "SUSE CVE CVE-2017-12995 page", url: "https://www.suse.com/security/cve/CVE-2017-12995/", }, { category: "self", summary: "SUSE CVE CVE-2017-12996 page", url: "https://www.suse.com/security/cve/CVE-2017-12996/", }, { category: "self", summary: "SUSE CVE CVE-2017-12997 page", url: "https://www.suse.com/security/cve/CVE-2017-12997/", }, { category: "self", summary: "SUSE CVE CVE-2017-12998 page", url: "https://www.suse.com/security/cve/CVE-2017-12998/", }, { category: "self", summary: "SUSE CVE CVE-2017-12999 page", url: "https://www.suse.com/security/cve/CVE-2017-12999/", }, { category: "self", summary: "SUSE CVE CVE-2017-13000 page", url: "https://www.suse.com/security/cve/CVE-2017-13000/", }, { category: "self", summary: "SUSE CVE CVE-2017-13001 page", url: "https://www.suse.com/security/cve/CVE-2017-13001/", }, { category: "self", summary: "SUSE CVE CVE-2017-13002 page", url: "https://www.suse.com/security/cve/CVE-2017-13002/", }, { category: "self", summary: "SUSE CVE CVE-2017-13003 page", url: "https://www.suse.com/security/cve/CVE-2017-13003/", }, { category: "self", summary: "SUSE CVE CVE-2017-13004 page", url: "https://www.suse.com/security/cve/CVE-2017-13004/", }, { category: "self", summary: "SUSE CVE CVE-2017-13005 page", url: "https://www.suse.com/security/cve/CVE-2017-13005/", }, { category: "self", summary: "SUSE CVE CVE-2017-13006 page", url: "https://www.suse.com/security/cve/CVE-2017-13006/", }, { category: "self", summary: "SUSE CVE CVE-2017-13007 page", url: "https://www.suse.com/security/cve/CVE-2017-13007/", }, { category: "self", summary: "SUSE CVE CVE-2017-13008 page", url: "https://www.suse.com/security/cve/CVE-2017-13008/", }, { category: "self", summary: "SUSE CVE CVE-2017-13009 page", url: "https://www.suse.com/security/cve/CVE-2017-13009/", }, { category: "self", summary: "SUSE CVE CVE-2017-13010 page", url: "https://www.suse.com/security/cve/CVE-2017-13010/", }, { category: "self", summary: "SUSE CVE CVE-2017-13011 page", url: "https://www.suse.com/security/cve/CVE-2017-13011/", }, { category: "self", summary: "SUSE CVE CVE-2017-13012 page", url: "https://www.suse.com/security/cve/CVE-2017-13012/", }, { category: "self", summary: "SUSE CVE CVE-2017-13013 page", url: "https://www.suse.com/security/cve/CVE-2017-13013/", }, { category: "self", summary: "SUSE CVE CVE-2017-13014 page", url: "https://www.suse.com/security/cve/CVE-2017-13014/", }, { category: "self", summary: "SUSE CVE CVE-2017-13015 page", url: "https://www.suse.com/security/cve/CVE-2017-13015/", }, { category: "self", summary: "SUSE CVE CVE-2017-13016 page", url: "https://www.suse.com/security/cve/CVE-2017-13016/", }, { category: "self", summary: "SUSE CVE CVE-2017-13017 page", url: "https://www.suse.com/security/cve/CVE-2017-13017/", }, { category: "self", summary: "SUSE CVE CVE-2017-13018 page", url: "https://www.suse.com/security/cve/CVE-2017-13018/", }, { category: "self", summary: "SUSE CVE CVE-2017-13019 page", url: "https://www.suse.com/security/cve/CVE-2017-13019/", }, { category: "self", summary: "SUSE CVE CVE-2017-13020 page", url: "https://www.suse.com/security/cve/CVE-2017-13020/", }, { category: "self", summary: "SUSE CVE CVE-2017-13021 page", url: "https://www.suse.com/security/cve/CVE-2017-13021/", }, { category: "self", summary: "SUSE CVE CVE-2017-13022 page", url: "https://www.suse.com/security/cve/CVE-2017-13022/", }, { category: "self", summary: "SUSE CVE CVE-2017-13023 page", url: "https://www.suse.com/security/cve/CVE-2017-13023/", }, { category: "self", summary: "SUSE CVE CVE-2017-13024 page", url: "https://www.suse.com/security/cve/CVE-2017-13024/", }, { category: "self", summary: "SUSE CVE CVE-2017-13025 page", url: "https://www.suse.com/security/cve/CVE-2017-13025/", }, { category: "self", summary: "SUSE CVE CVE-2017-13026 page", url: "https://www.suse.com/security/cve/CVE-2017-13026/", }, { category: "self", summary: "SUSE CVE CVE-2017-13027 page", url: "https://www.suse.com/security/cve/CVE-2017-13027/", }, { category: "self", summary: "SUSE CVE CVE-2017-13028 page", url: "https://www.suse.com/security/cve/CVE-2017-13028/", }, { category: "self", summary: "SUSE CVE CVE-2017-13029 page", url: "https://www.suse.com/security/cve/CVE-2017-13029/", }, { category: "self", summary: "SUSE CVE CVE-2017-13030 page", url: "https://www.suse.com/security/cve/CVE-2017-13030/", }, { category: "self", summary: "SUSE CVE CVE-2017-13031 page", url: "https://www.suse.com/security/cve/CVE-2017-13031/", }, { category: "self", summary: "SUSE CVE CVE-2017-13032 page", url: "https://www.suse.com/security/cve/CVE-2017-13032/", }, { category: "self", summary: "SUSE CVE CVE-2017-13033 page", url: "https://www.suse.com/security/cve/CVE-2017-13033/", }, { category: "self", summary: "SUSE CVE CVE-2017-13034 page", url: "https://www.suse.com/security/cve/CVE-2017-13034/", }, { category: "self", summary: "SUSE CVE CVE-2017-13035 page", url: "https://www.suse.com/security/cve/CVE-2017-13035/", }, { category: "self", summary: "SUSE CVE CVE-2017-13036 page", url: "https://www.suse.com/security/cve/CVE-2017-13036/", }, { category: "self", summary: "SUSE CVE CVE-2017-13037 page", url: "https://www.suse.com/security/cve/CVE-2017-13037/", }, { category: "self", summary: "SUSE CVE CVE-2017-13038 page", url: "https://www.suse.com/security/cve/CVE-2017-13038/", }, { category: "self", summary: "SUSE CVE CVE-2017-13039 page", url: "https://www.suse.com/security/cve/CVE-2017-13039/", }, { category: "self", summary: "SUSE CVE CVE-2017-13040 page", url: "https://www.suse.com/security/cve/CVE-2017-13040/", }, { category: "self", summary: "SUSE CVE CVE-2017-13041 page", url: "https://www.suse.com/security/cve/CVE-2017-13041/", }, { category: "self", summary: "SUSE CVE CVE-2017-13042 page", url: "https://www.suse.com/security/cve/CVE-2017-13042/", }, { category: "self", summary: "SUSE CVE CVE-2017-13043 page", url: "https://www.suse.com/security/cve/CVE-2017-13043/", }, { category: "self", summary: "SUSE CVE CVE-2017-13044 page", url: "https://www.suse.com/security/cve/CVE-2017-13044/", }, { category: "self", summary: "SUSE CVE CVE-2017-13045 page", url: "https://www.suse.com/security/cve/CVE-2017-13045/", }, { category: "self", summary: "SUSE CVE CVE-2017-13046 page", url: "https://www.suse.com/security/cve/CVE-2017-13046/", }, { category: "self", summary: "SUSE CVE CVE-2017-13047 page", url: "https://www.suse.com/security/cve/CVE-2017-13047/", }, { category: "self", summary: "SUSE CVE CVE-2017-13048 page", url: "https://www.suse.com/security/cve/CVE-2017-13048/", }, { category: "self", summary: "SUSE CVE CVE-2017-13049 page", url: "https://www.suse.com/security/cve/CVE-2017-13049/", }, { category: "self", summary: "SUSE CVE CVE-2017-13050 page", url: "https://www.suse.com/security/cve/CVE-2017-13050/", }, { category: "self", summary: "SUSE CVE CVE-2017-13051 page", url: "https://www.suse.com/security/cve/CVE-2017-13051/", }, { category: "self", summary: "SUSE CVE CVE-2017-13052 page", url: "https://www.suse.com/security/cve/CVE-2017-13052/", }, { category: "self", summary: "SUSE CVE CVE-2017-13053 page", url: "https://www.suse.com/security/cve/CVE-2017-13053/", }, { category: "self", summary: "SUSE CVE CVE-2017-13054 page", url: "https://www.suse.com/security/cve/CVE-2017-13054/", }, { category: "self", summary: "SUSE CVE CVE-2017-13055 page", url: "https://www.suse.com/security/cve/CVE-2017-13055/", }, { category: "self", summary: "SUSE CVE CVE-2017-13687 page", url: "https://www.suse.com/security/cve/CVE-2017-13687/", }, { category: "self", summary: "SUSE CVE CVE-2017-13688 page", url: "https://www.suse.com/security/cve/CVE-2017-13688/", }, { category: "self", summary: "SUSE CVE CVE-2017-13689 page", url: "https://www.suse.com/security/cve/CVE-2017-13689/", }, { category: "self", summary: "SUSE CVE CVE-2017-13690 page", url: "https://www.suse.com/security/cve/CVE-2017-13690/", }, { category: "self", summary: "SUSE CVE CVE-2017-13725 page", url: "https://www.suse.com/security/cve/CVE-2017-13725/", }, ], title: "Security update for tcpdump", tracking: { current_release_date: "2017-10-26T07:44:55Z", generator: { date: "2017-10-26T07:44:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2017:2854-1", initial_release_date: "2017-10-26T07:44:55Z", revision_history: [ { date: "2017-10-26T07:44:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "tcpdump-4.9.2-14.5.1.aarch64", product: { name: "tcpdump-4.9.2-14.5.1.aarch64", product_id: "tcpdump-4.9.2-14.5.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "tcpdump-4.9.2-14.5.1.ppc64le", product: { name: "tcpdump-4.9.2-14.5.1.ppc64le", product_id: "tcpdump-4.9.2-14.5.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "tcpdump-4.9.2-14.5.1.s390x", product: { name: "tcpdump-4.9.2-14.5.1.s390x", product_id: "tcpdump-4.9.2-14.5.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "tcpdump-4.9.2-14.5.1.x86_64", product: { name: "tcpdump-4.9.2-14.5.1.x86_64", product_id: "tcpdump-4.9.2-14.5.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP2", product: { name: "SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product: { name: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2", product: { name: "SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2", product_id: "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", product_id: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", }, product_reference: "tcpdump-4.9.2-14.5.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", }, product_reference: "tcpdump-4.9.2-14.5.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", }, product_reference: "tcpdump-4.9.2-14.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", }, product_reference: "tcpdump-4.9.2-14.5.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2", product_id: "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", }, product_reference: "tcpdump-4.9.2-14.5.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", }, product_reference: "tcpdump-4.9.2-14.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", }, product_reference: "tcpdump-4.9.2-14.5.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", }, product_reference: "tcpdump-4.9.2-14.5.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", }, product_reference: "tcpdump-4.9.2-14.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", }, product_reference: "tcpdump-4.9.2-14.5.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", }, product_reference: "tcpdump-4.9.2-14.5.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", }, product_reference: "tcpdump-4.9.2-14.5.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", }, product_reference: "tcpdump-4.9.2-14.5.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", }, product_reference: "tcpdump-4.9.2-14.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2017-11108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11108", }, ], notes: [ { category: "general", text: "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11108", url: "https://www.suse.com/security/cve/CVE-2017-11108", }, { category: "external", summary: "SUSE Bug 1047873 for CVE-2017-11108", url: "https://bugzilla.suse.com/1047873", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-11108", url: "https://bugzilla.suse.com/1057247", }, { category: "external", summary: "SUSE Bug 1123142 for CVE-2017-11108", url: "https://bugzilla.suse.com/1123142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "moderate", }, ], title: "CVE-2017-11108", }, { cve: "CVE-2017-11541", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11541", }, ], notes: [ { category: "general", text: "tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11541", url: "https://www.suse.com/security/cve/CVE-2017-11541", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-11541", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-11541", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-11541", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-11541", url: "https://bugzilla.suse.com/1057247", }, { category: "external", summary: "SUSE Bug 1123142 for CVE-2017-11541", url: "https://bugzilla.suse.com/1123142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-11541", }, { cve: "CVE-2017-11542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11542", }, ], notes: [ { category: "general", text: "tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11542", url: "https://www.suse.com/security/cve/CVE-2017-11542", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-11542", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-11542", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-11542", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-11542", url: "https://bugzilla.suse.com/1057247", }, { category: "external", summary: "SUSE Bug 1123142 for CVE-2017-11542", url: "https://bugzilla.suse.com/1123142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "moderate", }, ], title: "CVE-2017-11542", }, { cve: "CVE-2017-11543", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11543", }, ], notes: [ { category: "general", text: "tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11543", url: "https://www.suse.com/security/cve/CVE-2017-11543", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-11543", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-11543", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-11543", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-11543", url: "https://bugzilla.suse.com/1057247", }, { category: "external", summary: "SUSE Bug 1123142 for CVE-2017-11543", url: "https://bugzilla.suse.com/1123142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "important", }, ], title: "CVE-2017-11543", }, { cve: "CVE-2017-12893", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12893", }, ], notes: [ { category: "general", text: "The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12893", url: "https://www.suse.com/security/cve/CVE-2017-12893", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12893", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12893", }, { cve: "CVE-2017-12894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12894", }, ], notes: [ { category: "general", text: "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12894", url: "https://www.suse.com/security/cve/CVE-2017-12894", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12894", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12894", }, { cve: "CVE-2017-12895", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12895", }, ], notes: [ { category: "general", text: "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12895", url: "https://www.suse.com/security/cve/CVE-2017-12895", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12895", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12895", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12895", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12895", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12895", }, { cve: "CVE-2017-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12896", }, ], notes: [ { category: "general", text: "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12896", url: "https://www.suse.com/security/cve/CVE-2017-12896", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12896", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12896", }, { cve: "CVE-2017-12897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12897", }, ], notes: [ { category: "general", text: "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12897", url: "https://www.suse.com/security/cve/CVE-2017-12897", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12897", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12897", }, { cve: "CVE-2017-12898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12898", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12898", url: "https://www.suse.com/security/cve/CVE-2017-12898", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12898", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12898", }, { cve: "CVE-2017-12899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12899", }, ], notes: [ { category: "general", text: "The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12899", url: "https://www.suse.com/security/cve/CVE-2017-12899", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12899", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12899", }, { cve: "CVE-2017-12900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12900", }, ], notes: [ { category: "general", text: "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12900", url: "https://www.suse.com/security/cve/CVE-2017-12900", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12900", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12900", }, { cve: "CVE-2017-12901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12901", }, ], notes: [ { category: "general", text: "The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12901", url: "https://www.suse.com/security/cve/CVE-2017-12901", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12901", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12901", }, { cve: "CVE-2017-12902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12902", }, ], notes: [ { category: "general", text: "The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12902", url: "https://www.suse.com/security/cve/CVE-2017-12902", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12902", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12902", }, { cve: "CVE-2017-12985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12985", }, ], notes: [ { category: "general", text: "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12985", url: "https://www.suse.com/security/cve/CVE-2017-12985", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12985", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12985", }, { cve: "CVE-2017-12986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12986", }, ], notes: [ { category: "general", text: "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12986", url: "https://www.suse.com/security/cve/CVE-2017-12986", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12986", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12986", }, { cve: "CVE-2017-12987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12987", }, ], notes: [ { category: "general", text: "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12987", url: "https://www.suse.com/security/cve/CVE-2017-12987", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12987", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12987", }, { cve: "CVE-2017-12988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12988", }, ], notes: [ { category: "general", text: "The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12988", url: "https://www.suse.com/security/cve/CVE-2017-12988", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12988", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12988", }, { cve: "CVE-2017-12989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12989", }, ], notes: [ { category: "general", text: "The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12989", url: "https://www.suse.com/security/cve/CVE-2017-12989", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12989", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12989", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12989", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12989", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12989", }, { cve: "CVE-2017-12990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12990", }, ], notes: [ { category: "general", text: "The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12990", url: "https://www.suse.com/security/cve/CVE-2017-12990", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12990", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12990", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12990", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12990", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12990", }, { cve: "CVE-2017-12991", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12991", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12991", url: "https://www.suse.com/security/cve/CVE-2017-12991", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12991", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12991", }, { cve: "CVE-2017-12992", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12992", }, ], notes: [ { category: "general", text: "The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12992", url: "https://www.suse.com/security/cve/CVE-2017-12992", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12992", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12992", }, { cve: "CVE-2017-12993", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12993", }, ], notes: [ { category: "general", text: "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12993", url: "https://www.suse.com/security/cve/CVE-2017-12993", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12993", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12993", }, { cve: "CVE-2017-12994", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12994", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12994", url: "https://www.suse.com/security/cve/CVE-2017-12994", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12994", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12994", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12994", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12994", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12994", }, { cve: "CVE-2017-12995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12995", }, ], notes: [ { category: "general", text: "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12995", url: "https://www.suse.com/security/cve/CVE-2017-12995", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12995", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12995", }, { cve: "CVE-2017-12996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12996", }, ], notes: [ { category: "general", text: "The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12996", url: "https://www.suse.com/security/cve/CVE-2017-12996", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12996", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12996", }, { cve: "CVE-2017-12997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12997", }, ], notes: [ { category: "general", text: "The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12997", url: "https://www.suse.com/security/cve/CVE-2017-12997", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12997", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12997", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12997", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12997", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12997", }, { cve: "CVE-2017-12998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12998", }, ], notes: [ { category: "general", text: "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12998", url: "https://www.suse.com/security/cve/CVE-2017-12998", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12998", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12998", }, { cve: "CVE-2017-12999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12999", }, ], notes: [ { category: "general", text: "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12999", url: "https://www.suse.com/security/cve/CVE-2017-12999", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12999", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-12999", }, { cve: "CVE-2017-13000", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13000", }, ], notes: [ { category: "general", text: "The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13000", url: "https://www.suse.com/security/cve/CVE-2017-13000", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13000", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13000", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13000", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13000", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13000", }, { cve: "CVE-2017-13001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13001", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13001", url: "https://www.suse.com/security/cve/CVE-2017-13001", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13001", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13001", }, { cve: "CVE-2017-13002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13002", }, ], notes: [ { category: "general", text: "The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13002", url: "https://www.suse.com/security/cve/CVE-2017-13002", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13002", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13002", }, { cve: "CVE-2017-13003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13003", }, ], notes: [ { category: "general", text: "The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13003", url: "https://www.suse.com/security/cve/CVE-2017-13003", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13003", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13003", }, { cve: "CVE-2017-13004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13004", }, ], notes: [ { category: "general", text: "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13004", url: "https://www.suse.com/security/cve/CVE-2017-13004", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13004", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13004", }, { cve: "CVE-2017-13005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13005", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13005", url: "https://www.suse.com/security/cve/CVE-2017-13005", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13005", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13005", }, { cve: "CVE-2017-13006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13006", }, ], notes: [ { category: "general", text: "The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13006", url: "https://www.suse.com/security/cve/CVE-2017-13006", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13006", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13006", }, { cve: "CVE-2017-13007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13007", }, ], notes: [ { category: "general", text: "The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13007", url: "https://www.suse.com/security/cve/CVE-2017-13007", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13007", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13007", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13007", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13007", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13007", }, { cve: "CVE-2017-13008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13008", }, ], notes: [ { category: "general", text: "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13008", url: "https://www.suse.com/security/cve/CVE-2017-13008", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13008", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13008", }, { cve: "CVE-2017-13009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13009", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13009", url: "https://www.suse.com/security/cve/CVE-2017-13009", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13009", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13009", }, { cve: "CVE-2017-13010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13010", }, ], notes: [ { category: "general", text: "The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13010", url: "https://www.suse.com/security/cve/CVE-2017-13010", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13010", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13010", }, { cve: "CVE-2017-13011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13011", }, ], notes: [ { category: "general", text: "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13011", url: "https://www.suse.com/security/cve/CVE-2017-13011", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13011", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13011", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13011", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13011", url: "https://bugzilla.suse.com/1057247", }, { category: "external", summary: "SUSE Bug 1123142 for CVE-2017-13011", url: "https://bugzilla.suse.com/1123142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13011", }, { cve: "CVE-2017-13012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13012", }, ], notes: [ { category: "general", text: "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13012", url: "https://www.suse.com/security/cve/CVE-2017-13012", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13012", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13012", }, { cve: "CVE-2017-13013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13013", }, ], notes: [ { category: "general", text: "The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13013", url: "https://www.suse.com/security/cve/CVE-2017-13013", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13013", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13013", }, { cve: "CVE-2017-13014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13014", }, ], notes: [ { category: "general", text: "The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13014", url: "https://www.suse.com/security/cve/CVE-2017-13014", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13014", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13014", }, { cve: "CVE-2017-13015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13015", }, ], notes: [ { category: "general", text: "The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13015", url: "https://www.suse.com/security/cve/CVE-2017-13015", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13015", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13015", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13015", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13015", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13015", }, { cve: "CVE-2017-13016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13016", }, ], notes: [ { category: "general", text: "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13016", url: "https://www.suse.com/security/cve/CVE-2017-13016", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13016", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13016", }, { cve: "CVE-2017-13017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13017", }, ], notes: [ { category: "general", text: "The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13017", url: "https://www.suse.com/security/cve/CVE-2017-13017", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13017", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13017", }, { cve: "CVE-2017-13018", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13018", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13018", url: "https://www.suse.com/security/cve/CVE-2017-13018", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13018", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13018", }, { cve: "CVE-2017-13019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13019", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13019", url: "https://www.suse.com/security/cve/CVE-2017-13019", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13019", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13019", }, { cve: "CVE-2017-13020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13020", }, ], notes: [ { category: "general", text: "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13020", url: "https://www.suse.com/security/cve/CVE-2017-13020", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13020", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13020", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13020", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13020", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13020", }, { cve: "CVE-2017-13021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13021", }, ], notes: [ { category: "general", text: "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13021", url: "https://www.suse.com/security/cve/CVE-2017-13021", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13021", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13021", }, { cve: "CVE-2017-13022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13022", }, ], notes: [ { category: "general", text: "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13022", url: "https://www.suse.com/security/cve/CVE-2017-13022", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13022", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13022", }, { cve: "CVE-2017-13023", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13023", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13023", url: "https://www.suse.com/security/cve/CVE-2017-13023", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13023", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13023", }, { cve: "CVE-2017-13024", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13024", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13024", url: "https://www.suse.com/security/cve/CVE-2017-13024", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13024", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13024", }, { cve: "CVE-2017-13025", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13025", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13025", url: "https://www.suse.com/security/cve/CVE-2017-13025", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13025", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13025", }, { cve: "CVE-2017-13026", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13026", }, ], notes: [ { category: "general", text: "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13026", url: "https://www.suse.com/security/cve/CVE-2017-13026", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13026", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13026", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13026", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13026", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13026", }, { cve: "CVE-2017-13027", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13027", }, ], notes: [ { category: "general", text: "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13027", url: "https://www.suse.com/security/cve/CVE-2017-13027", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13027", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13027", }, { cve: "CVE-2017-13028", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13028", }, ], notes: [ { category: "general", text: "The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13028", url: "https://www.suse.com/security/cve/CVE-2017-13028", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13028", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13028", }, { cve: "CVE-2017-13029", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13029", }, ], notes: [ { category: "general", text: "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13029", url: "https://www.suse.com/security/cve/CVE-2017-13029", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13029", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13029", }, { cve: "CVE-2017-13030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13030", }, ], notes: [ { category: "general", text: "The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13030", url: "https://www.suse.com/security/cve/CVE-2017-13030", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13030", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13030", }, { cve: "CVE-2017-13031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13031", }, ], notes: [ { category: "general", text: "The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13031", url: "https://www.suse.com/security/cve/CVE-2017-13031", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13031", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13031", }, { cve: "CVE-2017-13032", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13032", }, ], notes: [ { category: "general", text: "The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13032", url: "https://www.suse.com/security/cve/CVE-2017-13032", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13032", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13032", }, { cve: "CVE-2017-13033", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13033", }, ], notes: [ { category: "general", text: "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13033", url: "https://www.suse.com/security/cve/CVE-2017-13033", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13033", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13033", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13033", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13033", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13033", }, { cve: "CVE-2017-13034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13034", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13034", url: "https://www.suse.com/security/cve/CVE-2017-13034", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13034", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13034", }, { cve: "CVE-2017-13035", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13035", }, ], notes: [ { category: "general", text: "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13035", url: "https://www.suse.com/security/cve/CVE-2017-13035", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13035", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13035", }, { cve: "CVE-2017-13036", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13036", }, ], notes: [ { category: "general", text: "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13036", url: "https://www.suse.com/security/cve/CVE-2017-13036", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13036", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13036", }, { cve: "CVE-2017-13037", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13037", }, ], notes: [ { category: "general", text: "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13037", url: "https://www.suse.com/security/cve/CVE-2017-13037", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13037", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13037", }, { cve: "CVE-2017-13038", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13038", }, ], notes: [ { category: "general", text: "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13038", url: "https://www.suse.com/security/cve/CVE-2017-13038", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13038", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13038", }, { cve: "CVE-2017-13039", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13039", }, ], notes: [ { category: "general", text: "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13039", url: "https://www.suse.com/security/cve/CVE-2017-13039", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13039", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13039", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13039", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13039", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13039", }, { cve: "CVE-2017-13040", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13040", }, ], notes: [ { category: "general", text: "The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13040", url: "https://www.suse.com/security/cve/CVE-2017-13040", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13040", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13040", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13040", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13040", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13040", }, { cve: "CVE-2017-13041", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13041", }, ], notes: [ { category: "general", text: "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13041", url: "https://www.suse.com/security/cve/CVE-2017-13041", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13041", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13041", }, { cve: "CVE-2017-13042", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13042", }, ], notes: [ { category: "general", text: "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13042", url: "https://www.suse.com/security/cve/CVE-2017-13042", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13042", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13042", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13042", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13042", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13042", }, { cve: "CVE-2017-13043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13043", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13043", url: "https://www.suse.com/security/cve/CVE-2017-13043", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13043", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13043", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13043", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13043", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13043", }, { cve: "CVE-2017-13044", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13044", }, ], notes: [ { category: "general", text: "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13044", url: "https://www.suse.com/security/cve/CVE-2017-13044", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13044", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13044", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13044", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13044", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13044", }, { cve: "CVE-2017-13045", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13045", }, ], notes: [ { category: "general", text: "The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13045", url: "https://www.suse.com/security/cve/CVE-2017-13045", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13045", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13045", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13045", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13045", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13045", }, { cve: "CVE-2017-13046", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13046", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13046", url: "https://www.suse.com/security/cve/CVE-2017-13046", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13046", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13046", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13046", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13046", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13046", }, { cve: "CVE-2017-13047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13047", }, ], notes: [ { category: "general", text: "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13047", url: "https://www.suse.com/security/cve/CVE-2017-13047", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13047", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13047", }, { cve: "CVE-2017-13048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13048", }, ], notes: [ { category: "general", text: "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13048", url: "https://www.suse.com/security/cve/CVE-2017-13048", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13048", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13048", }, { cve: "CVE-2017-13049", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13049", }, ], notes: [ { category: "general", text: "The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13049", url: "https://www.suse.com/security/cve/CVE-2017-13049", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13049", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13049", }, { cve: "CVE-2017-13050", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13050", }, ], notes: [ { category: "general", text: "The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13050", url: "https://www.suse.com/security/cve/CVE-2017-13050", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13050", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13050", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13050", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13050", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13050", }, { cve: "CVE-2017-13051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13051", }, ], notes: [ { category: "general", text: "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13051", url: "https://www.suse.com/security/cve/CVE-2017-13051", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13051", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13051", }, { cve: "CVE-2017-13052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13052", }, ], notes: [ { category: "general", text: "The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13052", url: "https://www.suse.com/security/cve/CVE-2017-13052", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13052", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13052", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13052", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13052", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13052", }, { cve: "CVE-2017-13053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13053", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13053", url: "https://www.suse.com/security/cve/CVE-2017-13053", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13053", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13053", }, { cve: "CVE-2017-13054", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13054", }, ], notes: [ { category: "general", text: "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13054", url: "https://www.suse.com/security/cve/CVE-2017-13054", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13054", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13054", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13054", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13054", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13054", }, { cve: "CVE-2017-13055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13055", }, ], notes: [ { category: "general", text: "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13055", url: "https://www.suse.com/security/cve/CVE-2017-13055", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13055", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13055", }, { cve: "CVE-2017-13687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13687", }, ], notes: [ { category: "general", text: "The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13687", url: "https://www.suse.com/security/cve/CVE-2017-13687", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13687", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13687", }, { cve: "CVE-2017-13688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13688", }, ], notes: [ { category: "general", text: "The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13688", url: "https://www.suse.com/security/cve/CVE-2017-13688", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13688", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13688", }, { cve: "CVE-2017-13689", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13689", }, ], notes: [ { category: "general", text: "The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13689", url: "https://www.suse.com/security/cve/CVE-2017-13689", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13689", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13689", }, { cve: "CVE-2017-13690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13690", }, ], notes: [ { category: "general", text: "The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13690", url: "https://www.suse.com/security/cve/CVE-2017-13690", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13690", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13690", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13690", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13690", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13690", }, { cve: "CVE-2017-13725", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13725", }, ], notes: [ { category: "general", text: "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13725", url: "https://www.suse.com/security/cve/CVE-2017-13725", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13725", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2017-10-26T07:44:55Z", details: "critical", }, ], title: "CVE-2017-13725", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.