CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().
High
Internet Bug Bounty
Submitted None
Reported by
geeknik
Vulnerability Details
Technical details and impact analysis
Reported to the project maintainers in 2016. Regardless of CVE-2016-8575, q933_print() still could overread the buffer trying to parse a short packet. Fixed by https://github.com/the-tcpdump-group/tcpdump/commit/c39c1d99ac3b6d5d9519b39da6717180651650d3.
Related CVEs
Associated Common Vulnerabilities and Exposures
CVE-2016-8575
UNKNOWN
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Memory Corruption - Generic