The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "8.0"
},
{
"last_affected": "8.0"
},
{
"introduced": "9.0"
},
{
"last_affected": "9.0"
},
{
"introduced": "10.0"
},
{
"last_affected": "10.0"
}
],
"source": "CPE_STRING",
"vendor_product": "debian:debian_linux"
}
]
}{
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "4.9.1"
}
],
"cpe": "cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*",
"source": [
"CPE_RANGE",
"REFERENCES"
]
}"2026-07-08T12:05:19Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13725.json"
[
{
"signature_type": "Line",
"target": {
"file": "print-rt6.c"
},
"deprecated": false,
"digest": {
"line_hashes": [
"186628623597549222008911635212203302840",
"52325481376303832598869679675747504207",
"242568533770051494769543593021589029016",
"143076117906801747919815541219112453076",
"295331971224321099689664553488575837096",
"166015525088187142266449154920799590229"
],
"threshold": 0.9
},
"id": "CVE-2017-13725-de3281f4",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/3c4d7c0ee30a30e5abff3d6d9586a3753101faf5",
"signature_version": "v1"
}
]