Vulnerability Details CVE-2023-1801
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.3%
CVSS Severity
CVSS v3 Score 6.5
References
- https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc
- https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845
- https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc
- https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845