CVE-2019-15167
Summary
| CVE | CVE-2019-15167 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-08-27 06:15:00 UTC |
| Updated | 2022-09-01 19:29:00 UTC |
| Description | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| (for 4.9.3) VRRP: Add a missing bounds check · the-tcpdump-group/tcpdump@a152aeb · GitHub | CONFIRM | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 354252 Amazon Linux Security Advisory for tcpdump : ALAS-2022-1641
- 355052 Amazon Linux Security Advisory for tcpdump : AL2012-2022-376
- 355603 Amazon Linux Security Advisory for tcpdump : ALAS2-2023-2119
- 500686 Alpine Linux Security Update for tcpdump
- 504455 Alpine Linux Security Update for tcpdump
- 673092 EulerOS Security Update for tcpdump (EulerOS-SA-2023-2175)