Fixed
Created: Jul 28, 2019
Updated: Mar 13, 2020
Resolved Date: Mar 12, 2020
Found In Version: 10.18.44.1
Fix Version: 10.18.44.11
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-1010220 User=admin}