Wind River Support Network

HomeDefectsLIN8-7100

Fixed

LIN8-7100 : Security Advisory - tcpdump - CVE-2017-11108

Created: Jul 13, 2017 Updated: Dec 3, 2018

Resolved Date: Aug 8, 2017

Found In Version: 8.0.0.19

Fix Version: 8.0.0.21

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.

https://nvd.nist.gov/vuln/detail/CVE-2017-11108

Other Downloads

Wind River Linux 8.0.0.21
Wind River Linux 8.0.0.22
Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-11108