CVE-2018-14465

Published: Oct 3, 2019Modified: Dec 17, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

Affected (13)

Products: Apple: Mac Os X · Debian: Debian Linux · F5: Traffix Signaling Delivery Controller · +4 more

Show all products

Apple: Mac Os X · Debian: Debian Linux · F5: Traffix Signaling Delivery Controller · Fedoraproject: Fedora · Opensuse: Leap · Redhat: Enterprise Linux · Tcpdump: Tcpdump

1 product

1 product

1 product

Traffix Signaling Delivery Controller

1 product

1 product

1 product

Enterprise Linux

1 product

Configuration B

13 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Before 10.15.2
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0
F5 Traffix Signaling Delivery Controller	From 5.0.0 to 5.1.0
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30
Fedoraproject Fedora	Version 31
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0
Tcpdump Tcpdump	Before 4.9.3

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (32)

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html

Source: cve@mitre.org

Third Party Advisory

http://seclists.org/fulldisclosure/2019/Dec/26

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES

Source: cve@mitre.org

Release NotesThird Party Advisory

https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html

Source: cve@mitre.org

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/

Source: cve@mitre.org

https://seclists.org/bugtraq/2019/Dec/23

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Oct/28

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20200120-0001/

Source: cve@mitre.org

https://support.apple.com/kb/HT210788

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4252-1/

Source: cve@mitre.org

https://usn.ubuntu.com/4252-2/

Source: cve@mitre.org

https://www.debian.org/security/2019/dsa-4547

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2019/Dec/26

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/

Source: af854a3a-2127-422b-91ae-364da2661108

https://seclists.org/bugtraq/2019/Dec/23

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Oct/28

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20200120-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT210788

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4252-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4252-2/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.debian.org/security/2019/dsa-4547

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.