[USN-4252-2] tcpdump vulnerabilities

Leonidas S. Barbosa leo.barbosa at canonical.com
Mon Jan 27 18:49:54 UTC 2020

Ubuntu Security Notice USN-4252-2
January 27, 2020

tcpdump vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM


Several security issues were fixed in tcpdump.

Software Description:
- tcpdump: command-line network traffic analyzer


USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

 Multiple security issues were discovered in tcpdump. A remote attacker
 could use these issues to cause tcpdump to crash, resulting in a denial of
 service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  tcpdump                         4.9.3-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM:
  tcpdump                         4.9.3-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary

  CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
  CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
  CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
  CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
  CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
  CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
  CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20200127/36acb49a/attachment.sig>

More information about the ubuntu-security-announce mailing list