[USN-4252-1] tcpdump vulnerabilities

Marc Deslauriers marc.deslauriers at canonical.com
Mon Jan 27 16:22:16 UTC 2020


==========================================================================
Ubuntu Security Notice USN-4252-1
January 27, 2020

tcpdump vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in tcpdump.

Software Description:
- tcpdump: command-line network traffic analyzer

Details:

Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  tcpdump                         4.9.3-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
  tcpdump                         4.9.3-0ubuntu0.16.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/4252-1
  CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
  CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
  CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
  CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
  CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
  CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
  CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167

Package Information:
  https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.18.04.1
  https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.16.04.1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20200127/4e00c930/attachment.sig>


More information about the ubuntu-security-announce mailing list