Severity |
|
Remote |
|
Type |
+ |
Arbitrary code execution |
|
Description |
+ |
An out-of-bounds write vulnerability was discovered in tcpdump's handling of LINKTYPE_SLIP in the sliplink_print function in print-sl.c. An attacker could craft a malicious pcap file or send specially crafted packets to the network that would cause tcpdump to crash or possibly execute arbitrary code when attempting to print a summary of the packet data. |
|
References |
+ |
https://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3 |
+ |
https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl |
|
Notes |
|