CVE-2017-13690

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-13690
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13690.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-13690
Downstream
Related
Published
2017-09-14T06:29:03Z
Modified
2025-10-21T04:11:04.422973Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type
GIT
Repo
https://github.com/the-tcpdump-group/tcpdump
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8dca25d26c7ca2caf6138267f6f17111212c156e

Affected versions

tcpdump-3.*

tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp

tcpdump-4.*

tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp

Database specific

vanir_signatures

[
    {
        "id": "CVE-2017-13690-1e3b5ed5",
        "target": {
            "file": "print-isakmp.c"
        },
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "288303206815063071444976806863575406109",
                "197522240038908396823623330607715236239",
                "148802145652830577150781074882921075218",
                "26991910271183248959422571194610148734",
                "24311259169816663942481788210018546486",
                "223869914729728000827177297719049351135",
                "280012111637951065287198526056617736799",
                "52571959340889907731159754660933890535",
                "24311259169816663942481788210018546486",
                "223869914729728000827177297719049351135",
                "280012111637951065287198526056617736799",
                "52571959340889907731159754660933890535",
                "220702710856966676041308658784087976543",
                "260033209646620660514725128234100886636",
                "217332147909525353162305691965380244046",
                "26991910271183248959422571194610148734",
                "220702710856966676041308658784087976543",
                "260033209646620660514725128234100886636",
                "217332147909525353162305691965380244046",
                "26991910271183248959422571194610148734",
                "220702710856966676041308658784087976543",
                "260033209646620660514725128234100886636",
                "217332147909525353162305691965380244046",
                "26991910271183248959422571194610148734",
                "280625624614270977117372978300236534601",
                "71036110205656248740253237064885510569",
                "217332147909525353162305691965380244046",
                "26991910271183248959422571194610148734",
                "174579763635317718049693707856786511706",
                "84953133567910763396430701003380471262",
                "154700459313122489161817712129444549901",
                "169678471205940990271230654115964999948",
                "84953133567910763396430701003380471262",
                "154700459313122489161817712129444549901",
                "120357185471365869442744825327288930681",
                "120768957341962753938356267643074934443",
                "216229715149979808761071725403094337190",
                "29763415996067823151106505978218381064",
                "304069706884619263823059727446285183353",
                "337046339052945664807206788422864268985",
                "135503407967708129186102407134963727207",
                "15492506954808660412812937869368095039",
                "234472403489172381745181073975536684836",
                "330276087947546011234621400342818874487",
                "172074388982271625753707247044571290522",
                "251724568872002900552238118116740195676",
                "45105592155129172243421170518564625902",
                "134175022597861525950001186406581666381",
                "96514579449962515266092451478459101751",
                "132477617113152664004028784403831927290",
                "271107428444617971712929011055185369964",
                "89622159173051769662102916247815272360",
                "61662722413497063612821694848817714110",
                "200051863270392331585261054326021326550",
                "310017877175793950664541791623071903697",
                "271027972119889231566307310286130530529",
                "212141615795131374975016998420884424463",
                "97729183196028864884345452017638496145",
                "294768727679703161059884341806409385667",
                "94578560215225829637132984779297930404",
                "323734465856242215930095326946580405922",
                "309491104395452579471314838555040486890",
                "94578560215225829637132984779297930404",
                "323734465856242215930095326946580405922",
                "309491104395452579471314838555040486890"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/8dca25d26c7ca2caf6138267f6f17111212c156e",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2017-13690-c5c42d11",
        "target": {
            "function": "ikev2_auth_print",
            "file": "print-isakmp.c"
        },
        "signature_version": "v1",
        "digest": {
            "length": 1040.0,
            "function_hash": "290109167627957511062339855223408326176"
        },
        "deprecated": false,
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/8dca25d26c7ca2caf6138267f6f17111212c156e",
        "signature_type": "Function"
    }
]