tcpdump 4.x vulnerabilities

Asked by it0001 on 2019-11-20

Hello there,

I am using Ubuntu 16 and 18.

Turns out that tcpdump 4.x is affected by the following CVEs:

CVE‑2018‑14463 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463> , CVE‑2018‑14881 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881> , CVE‑2018‑16452 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452> , CVE‑2018‑14462 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462> , CVE‑2018‑16301 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301> , CVE‑2018‑14466 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466> , CVE‑2018‑16451 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451> , CVE‑2019‑15166 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166> , CVE‑2018‑16228 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228> , CVE‑2018‑14461 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461> , CVE‑2018‑14467 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467> , CVE‑2018‑14465 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465> , CVE‑2018‑16300 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300> , CVE‑2018‑14464 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464> , CVE‑2018‑14470 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470> , CVE‑2018‑16227 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227> , CVE‑2018‑16230 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230> , CVE‑2018‑14469 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469> , CVE‑2018‑14880 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880> , CVE‑2018‑16229 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229> , CVE‑2019‑15167 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167> , CVE‑2018‑14468 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468> , CVE‑2018‑14882 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882>

Latest version for Ubuntu 16 and 18 is 4.9.2.

Solution should be to update to version 4.9.3.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
2019-11-20
Last reply:
2019-11-20
Manfred Hampl (m-hampl) said : #1

The issue seems to be known, and work has already started, see https://people.canonical.com/~ubuntu-security/cve/pkg/tcpdump.html

Can you help with this problem?

Provide an answer of your own, or ask it0001 for more information if necessary.

To post a message you must log in.