CVE-2024-2397

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-2397

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-2397.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-2397

Related

Published

2024-04-12T14:15:07Z

Modified

2025-01-15T05:08:27.363987Z

Downstream

openSUSE-SU-2024:14305-1

Summary

[none]

Details

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type: GIT
Repo: https://github.com/the-tcpdump-group/tcpdump
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2

Fixed

b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2

Affected versions

tcpdump-3.*

tcpdump-3.5.1

tcpdump-3.6.1

tcpdump-3.7.1

tcpdump-3.8-bp

tcpdump-4.*

tcpdump-4.5.0

tcpdump-4.6.0

tcpdump-4.6.0-bp

tcpdump-4.7.0-bp

tcpdump-4.9.0-bp

tcpdump-4.99-bp

tcpdump-4.99.0-bp