CVE-2017-13000

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-13000

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13000.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-13000

Downstream

DEBIAN-CVE-2017-13000

DLA-1097-1

DSA-3971-1

RHEA-2018:0705

SUSE-SU-2017:2854-1

UBUNTU-CVE-2017-13000

USN-3415-1

openSUSE-SU-2024:11425-1

Related

Published

2017-09-14T06:29:01.137Z

Modified

2025-11-14T05:01:53.739180Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802154.c:ieee802154ifprint().

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type: GIT
Repo: https://github.com/the-tcpdump-group/tcpdump
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8512734883227c11568bb35da1d48b9f8466f43f

Fixed

9be4e0b5938b705e7e36cfcb110a740c6ff0cb97

Fixed

a7e5f58f402e6919ec444a57946bade7dfd6b184

Affected versions

tcpdump-3.*

tcpdump-3.5.1

tcpdump-3.6.1

tcpdump-3.7.1

tcpdump-3.8-bp

tcpdump-4.*

tcpdump-4.5.0

tcpdump-4.6.0

tcpdump-4.6.0-bp

tcpdump-4.7.0-bp

tcpdump-4.9.0-bp

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 468.0,
            "function_hash": "254339438518523796895273517665586022801"
        },
        "target": {
            "file": "print-802_15_4.c",
            "function": "extract_header_length"
        },
        "deprecated": false,
        "id": "CVE-2017-13000-0aa262b3",
        "signature_version": "v1",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
        "signature_type": "Function"
    },
    {
        "digest": {
            "length": 1760.0,
            "function_hash": "198202781104442884968810095767213986036"
        },
        "target": {
            "file": "print-802_15_4.c",
            "function": "ieee802_15_4_if_print"
        },
        "deprecated": false,
        "id": "CVE-2017-13000-3a7d1ed6",
        "signature_version": "v1",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
        "signature_type": "Function"
    },
    {
        "digest": {
            "length": 2860.0,
            "function_hash": "311184672600338955299732616593322622402"
        },
        "target": {
            "file": "print-802_15_4.c",
            "function": "ieee802_15_4_if_print"
        },
        "deprecated": false,
        "id": "CVE-2017-13000-8eadaed1",
        "signature_version": "v1",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/8512734883227c11568bb35da1d48b9f8466f43f",
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "14928416312480111191808953075078014471",
                "156616620883633160552369793372669908429",
                "99686628432750085112989528719938575768",
                "209590795102151916286369297664685061769",
                "147567166440041377636299799976860908681",
                "269967048978864748675851946248578099342",
                "235738469018673890138708295492973880892",
                "205494040976418740669361564502724261109",
                "58729301706427643365975561717322474732",
                "78713062203395468466397906806801025160",
                "305854441198870581192817347689626534633",
                "172175687089039660546160762842190872385",
                "106561373298369503481662757614279335180",
                "327562245075045287204273865813136044945",
                "292031940393098949291003352200802200126",
                "311316769709977678691585716701466346523",
                "308274235259851906079258049564837156092",
                "197372456344415658371327565836686194563",
                "309859487691932120167120093515178089475",
                "192280789168894687458248576127621945378",
                "319855589617971789057344930647634482908",
                "90490150057327424865045016835805173254",
                "42704692338903327814944238192807216656",
                "326333553338064908045040876041829018698",
                "44653325424091099053014661172483045507",
                "4551138682299929342802013652103263710",
                "313097992525726021532588574873618037431",
                "176231717572008201244980548314722804252",
                "308274235259851906079258049564837156092",
                "197372456344415658371327565836686194563",
                "309859487691932120167120093515178089475",
                "192280789168894687458248576127621945378",
                "319855589617971789057344930647634482908",
                "90490150057327424865045016835805173254",
                "42704692338903327814944238192807216656",
                "48682702481216871179059194747199973558",
                "239348758800675541543814050357366654142",
                "237760062623432624015363929566411708603",
                "334312933191664277240356317928759670312",
                "23703709307691836590721785674075830874",
                "122800251927812445901400827361201298176",
                "46299414986751046433762065582552925698",
                "245089821066935599481879094412958535406",
                "152680161476039987525403841368959785753",
                "213406767550303288471519678849034154523",
                "250584505008086416856616617837172252595",
                "236260677346018833626889668354093899192",
                "79520093351061384846025390792164340084",
                "168663325862292382053695344762128742103",
                "111039894209111165412100317288648774445",
                "318395561886346906166974636893140123707",
                "100860289729984531257237053934505496683",
                "28320807112398130189061988391086514505",
                "334791055419234790649247363876914122388",
                "63161760952433804760690766831710523849",
                "86619733984261809910580920185308918004",
                "162405595857514061408752140659016032579",
                "172817555237113723093475391311136205850",
                "15302823262710840964166747050772510656",
                "330891102494892415541696198804391085358",
                "6593680959690978236191585950638516784",
                "195437740650256110276987822502311448400",
                "243413524920610626300539760526124874816",
                "134091011203167589048933262223156799584",
                "221061773413070958501075255876372698198",
                "124070030813068072113477531791473371397",
                "240129344691254137978282192332577818679",
                "108823527033832906423244107757431747879",
                "265726416373476843268631252282999831893",
                "166365400507714884135085187665344016546",
                "220237452389517455816413790052448047773",
                "40734958175434404811569952689422465921",
                "17397097619269339126739709135990604613",
                "168767518447782796386806731716555176213",
                "64308969744574984371896431079293827771",
                "290732778232469424617726695354148605248",
                "330254554747521134953430912610622847234",
                "328347517241240855242299817612541141340",
                "307966388053138805706924450710990923287",
                "312498072866976420244703075419553224302",
                "165166209890208672427052420016976071427",
                "301076300885303591045103099596989996665",
                "316618360045043789179861404213951043370",
                "338807326059072860695657457593116633392",
                "218426003086720640753863639219874143000",
                "14839339894570747615663537400816814859",
                "262191407910032143636831386994624894621",
                "118420788604079746878530885779314217328",
                "111133245261393732540440437561934855625",
                "89424522903819545022028690934076459188",
                "48604510362490511808506513000211486849",
                "256324880465817256666840925606614736527",
                "316917730130039383900848342899878997758",
                "232637695186416685854053882177393708510",
                "280479208952268072063996823218829744177",
                "239687295962677090506025637643758337956",
                "290732778232469424617726695354148605248",
                "40007708900833151143565350678453220489",
                "109450116966819176784949234094087703110",
                "55795818511489875007402996255803370068",
                "195555266427387633544643536770112323283",
                "140419690891376005539782013194738890877",
                "246542967083569261926410814708959487218",
                "26067911925432264290104540122964754006",
                "87462860762171812137463210654536371566",
                "123960861603166591201368004349196171583",
                "227382349233307137112324420868713911605",
                "218426003086720640753863639219874143000",
                "74114617453181941471211372939216634960",
                "237924228912186824923768548433694157285",
                "314059268914241664932136512829140095144",
                "26067911925432264290104540122964754006",
                "1043377888292962701350523237539477789",
                "124227261168804669512882097551417091458",
                "145772664711917008774863968374507621974",
                "48604510362490511808506513000211486849",
                "324386229516012582968268529449749799828",
                "140589842971996371210614291904817687441",
                "244040572903268701446166930832441342094",
                "86542791097475524375667475408658312628",
                "252129821578818699134401875951624746058",
                "168599226433220774639750803178905459277"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "print-802_15_4.c"
        },
        "deprecated": false,
        "id": "CVE-2017-13000-fc9bb350",
        "signature_version": "v1",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
        "signature_type": "Line"
    }
]