CVE-2017-12997

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An infinite loop vulnerability was discovered in tcpdump's handling of LLDP in tcpdump <= 4.9.1. An attacker could craft a malicious pcap file or send specially crafted packets to the network that would cause tcpdump to enter an infinite loop while processing the packet data leading to denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-361 tcpdump 4.9.1-1 4.9.2-1 Critical Fixed
Date Advisory Group Package Severity Description
13 Sep 2017 ASA-201709-5 AVG-361 tcpdump Critical multiple issues
References
https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6