MGASA-2018-0401

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0401.html

Import Source

https://advisories.mageia.org/MGASA-2018-0401.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0401

Related

CVE-2018-14938

Published

2018-10-19T18:00:37Z

Modified

2018-10-19T17:33:56Z

Summary

Updated tcpflow packages fix security vulnerability

Details

pdated tcpflow package fixes security vulnerability:

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds read and may allow access to sensitive memory or a denial of service (CVE-2018-14938).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / tcpflow

Package

Name: tcpflow
Purl: pkg:rpm/mageia/tcpflow?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0-1.mga6

Ecosystem specific

{
    "section": "core"
}