USN-4252-2: tcpdump vulnerabilities
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary
Several security issues were fixed in tcpdump.
Software Description
- tcpdump – command-line network traffic analyzer
Details
USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Multiple security issues were discovered in tcpdump. A remote attacker
could use these issues to cause tcpdump to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 14.04 ESM
- tcpdump – 4.9.3-0ubuntu0.14.04.1+esm1
- Ubuntu 12.04 ESM
- tcpdump – 4.9.3-0ubuntu0.12.04.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References
- USN-4252-1
- CVE-2017-16808
- CVE-2018-10103
- CVE-2018-10105
- CVE-2018-14461
- CVE-2018-14462
- CVE-2018-14463
- CVE-2018-14464
- CVE-2018-14465
- CVE-2018-14466
- CVE-2018-14467
- CVE-2018-14468
- CVE-2018-14469
- CVE-2018-14470
- CVE-2018-14879
- CVE-2018-14880
- CVE-2018-14881
- CVE-2018-14882
- CVE-2018-16227
- CVE-2018-16228
- CVE-2018-16229
- CVE-2018-16230
- CVE-2018-16300
- CVE-2018-16451
- CVE-2018-16452
- CVE-2018-19519
- CVE-2019-1010220
- CVE-2019-15166
- CVE-2019-15167
Source: USN-4252-2: tcpdump vulnerabilities
