USN-4252-1: tcpdump vulnerabilities
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary
Several security issues were fixed in tcpdump.
Software Description
- tcpdump – command-line network traffic analyzer
Details
Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 18.04 LTS
- tcpdump – 4.9.3-0ubuntu0.18.04.1
- Ubuntu 16.04 LTS
- tcpdump – 4.9.3-0ubuntu0.16.04.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References
- CVE-2017-16808
- CVE-2018-10103
- CVE-2018-10105
- CVE-2018-14461
- CVE-2018-14462
- CVE-2018-14463
- CVE-2018-14464
- CVE-2018-14465
- CVE-2018-14466
- CVE-2018-14467
- CVE-2018-14468
- CVE-2018-14469
- CVE-2018-14470
- CVE-2018-14879
- CVE-2018-14880
- CVE-2018-14881
- CVE-2018-14882
- CVE-2018-16227
- CVE-2018-16228
- CVE-2018-16229
- CVE-2018-16230
- CVE-2018-16300
- CVE-2018-16451
- CVE-2018-16452
- CVE-2018-19519
- CVE-2019-1010220
- CVE-2019-15166
- CVE-2019-15167
Leave a Reply