Bugzilla – Bug 1195825
VUL-0: tcpdump: incomplete fix for CVE-2018-16301
Last modified: 2022-03-09 14:22:38 UTC
tcpdump project reached out that there might be problems with one of the CVEs from 2018. references: https://github.com/the-tcpdump-group/libpcap/issues/855 https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86
if confirmed would need fixes in: - SUSE:SLE-11:Update/tcpdump - SUSE:SLE-12:Update/tcpdump - SUSE:SLE-15:Update/tcpdump already fixed in - SUSE:SLE-15-SP4:Update/tcpdump
(In reply to Robert Frohl from comment #2) > if confirmed would need fixes in: > > - SUSE:SLE-11:Update/tcpdump > - SUSE:SLE-12:Update/tcpdump > - SUSE:SLE-15:Update/tcpdump issue now confirmed
Created attachment 856075 [details] Back-ported patch for SLE11
SUSE-SU-2022:14890-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1195825 CVE References: CVE-2018-16301 JIRA References: Sources used: SUSE Linux Enterprise Server 11-SP4-LTSS (src): tcpdump-3.9.8-1.30.19.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): tcpdump-3.9.8-1.30.19.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): tcpdump-3.9.8-1.30.19.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): tcpdump-3.9.8-1.30.19.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:0505-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1195825 CVE References: CVE-2018-16301 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): tcpdump-4.9.2-14.20.1 SUSE OpenStack Cloud Crowbar 8 (src): tcpdump-4.9.2-14.20.1 SUSE OpenStack Cloud 9 (src): tcpdump-4.9.2-14.20.1 SUSE OpenStack Cloud 8 (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server 12-SP5 (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): tcpdump-4.9.2-14.20.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): tcpdump-4.9.2-14.20.1 HPE Helion Openstack 8 (src): tcpdump-4.9.2-14.20.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:0774-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1195825 CVE References: CVE-2018-16301 JIRA References: Sources used: SUSE Manager Server 4.1 (src): tcpdump-4.9.2-3.18.1 SUSE Manager Retail Branch Server 4.1 (src): tcpdump-4.9.2-3.18.1 SUSE Manager Proxy 4.1 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server for SAP 15 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Server 15-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Realtime Extension 15-SP2 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): tcpdump-4.9.2-3.18.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): tcpdump-4.9.2-3.18.1 SUSE Enterprise Storage 7 (src): tcpdump-4.9.2-3.18.1 SUSE Enterprise Storage 6 (src): tcpdump-4.9.2-3.18.1 SUSE CaaS Platform 4.0 (src): tcpdump-4.9.2-3.18.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2022:0774-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1195825 CVE References: CVE-2018-16301 JIRA References: Sources used: openSUSE Leap 15.3 (src): tcpdump-4.9.2-3.18.1