CVE-2017-11543

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
An out-of-bounds write vulnerability was discovered in tcpdump's handling of LINKTYPE_SLIP in the sliplink_print function in print-sl.c. An attacker could craft a malicious pcap file or send specially crafted packets to the network that would cause tcpdump to crash or possibly execute arbitrary code when attempting to print a summary of the packet data.
Group Package Affected Fixed Severity Status Ticket
AVG-361 tcpdump 4.9.1-1 4.9.2-1 Critical Fixed
Date Advisory Group Package Severity Description
13 Sep 2017 ASA-201709-5 AVG-361 tcpdump Critical multiple issues
References
https://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3
https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl