Bugzilla – Bug 1222853
VUL-0: CVE-2024-2397: tcpdump: infinite loop in the PPP printer of tcpdump may lead to denial of service
Last modified: 2024-04-15 15:10:53 UTC
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-2397 https://www.cve.org/CVERecord?id=CVE-2024-2397 https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 https://bugzilla.redhat.com/show_bug.cgi?id=2274792
No codestreams are affected by this issue. The changes which led to the introduction of the vulnerability were added by commit 0d4083e [0], and these are not present in the tcpdump codestreams. More information is available in the issue opened for this vulnerability [1], as well as in the CVE record for it [2]. [0] https://github.com/the-tcpdump-group/tcpdump/commit/0d4083ee8687a9f6578e26a1407bd9f2a9d27885 [1] https://github.com/the-tcpdump-group/tcpdump/issues/1145 [2] https://www.cve.org/CVERecord?id=CVE-2024-2397