CVE-2017-13000
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-13000
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13000.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-13000
- Downstream
- Related
- Published
- 2017-09-14T06:29:01Z
- Modified
- 2025-10-15T08:46:40.627351Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802154.c:ieee802154ifprint().
- References
-
- http://www.debian.org/security/2017/dsa-3971
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/8512734883227c11568bb35da1d48b9f8466f43f
- https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97
- https://github.com/the-tcpdump-group/tcpdump/commit/a7e5f58f402e6919ec444a57946bade7dfd6b184
- https://security.gentoo.org/glsa/201709-23
- http://www.securitytracker.com/id/1039307
- https://support.apple.com/HT208221
Affected packages
Git / github.com/the-tcpdump-group/tcpdump
Affected ranges
- Type
- GIT
- Repo
- https://github.com/the-tcpdump-group/tcpdump
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed
Affected versions
tcpdump-3.*
tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp
tcpdump-4.*
tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
"signature_version": "v1",
"target": {
"function": "extract_header_length",
"file": "print-802_15_4.c"
},
"digest": {
"function_hash": "254339438518523796895273517665586022801",
"length": 468.0
},
"id": "CVE-2017-13000-0aa262b3"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
"signature_version": "v1",
"target": {
"function": "ieee802_15_4_if_print",
"file": "print-802_15_4.c"
},
"digest": {
"function_hash": "198202781104442884968810095767213986036",
"length": 1760.0
},
"id": "CVE-2017-13000-3a7d1ed6"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/8512734883227c11568bb35da1d48b9f8466f43f",
"signature_version": "v1",
"target": {
"function": "ieee802_15_4_if_print",
"file": "print-802_15_4.c"
},
"digest": {
"function_hash": "311184672600338955299732616593322622402",
"length": 2860.0
},
"id": "CVE-2017-13000-8eadaed1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/a7e5f58f402e6919ec444a57946bade7dfd6b184",
"signature_version": "v1",
"target": {
"function": "ieee802_15_4_if_print",
"file": "print-802_15_4.c"
},
"digest": {
"function_hash": "236138534748027893154225613501289495212",
"length": 2864.0
},
"id": "CVE-2017-13000-a58db85b"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/a7e5f58f402e6919ec444a57946bade7dfd6b184",
"signature_version": "v1",
"target": {
"file": "print-802_15_4.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"74948881275322349871355022037246058782",
"266848018757955042484875169288352360039",
"19445607062749717805473448350690636867",
"290530533765804351163341485773271988260"
]
},
"id": "CVE-2017-13000-a77e84a1"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97",
"signature_version": "v1",
"target": {
"file": "print-802_15_4.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"14928416312480111191808953075078014471",
"156616620883633160552369793372669908429",
"99686628432750085112989528719938575768",
"209590795102151916286369297664685061769",
"147567166440041377636299799976860908681",
"269967048978864748675851946248578099342",
"235738469018673890138708295492973880892",
"205494040976418740669361564502724261109",
"58729301706427643365975561717322474732",
"78713062203395468466397906806801025160",
"305854441198870581192817347689626534633",
"172175687089039660546160762842190872385",
"106561373298369503481662757614279335180",
"327562245075045287204273865813136044945",
"292031940393098949291003352200802200126",
"311316769709977678691585716701466346523",
"308274235259851906079258049564837156092",
"197372456344415658371327565836686194563",
"309859487691932120167120093515178089475",
"192280789168894687458248576127621945378",
"319855589617971789057344930647634482908",
"90490150057327424865045016835805173254",
"42704692338903327814944238192807216656",
"326333553338064908045040876041829018698",
"44653325424091099053014661172483045507",
"4551138682299929342802013652103263710",
"313097992525726021532588574873618037431",
"176231717572008201244980548314722804252",
"308274235259851906079258049564837156092",
"197372456344415658371327565836686194563",
"309859487691932120167120093515178089475",
"192280789168894687458248576127621945378",
"319855589617971789057344930647634482908",
"90490150057327424865045016835805173254",
"42704692338903327814944238192807216656",
"48682702481216871179059194747199973558",
"239348758800675541543814050357366654142",
"237760062623432624015363929566411708603",
"334312933191664277240356317928759670312",
"23703709307691836590721785674075830874",
"122800251927812445901400827361201298176",
"46299414986751046433762065582552925698",
"245089821066935599481879094412958535406",
"152680161476039987525403841368959785753",
"213406767550303288471519678849034154523",
"250584505008086416856616617837172252595",
"236260677346018833626889668354093899192",
"79520093351061384846025390792164340084",
"168663325862292382053695344762128742103",
"111039894209111165412100317288648774445",
"318395561886346906166974636893140123707",
"100860289729984531257237053934505496683",
"28320807112398130189061988391086514505",
"334791055419234790649247363876914122388",
"63161760952433804760690766831710523849",
"86619733984261809910580920185308918004",
"162405595857514061408752140659016032579",
"172817555237113723093475391311136205850",
"15302823262710840964166747050772510656",
"330891102494892415541696198804391085358",
"6593680959690978236191585950638516784",
"195437740650256110276987822502311448400",
"243413524920610626300539760526124874816",
"134091011203167589048933262223156799584",
"221061773413070958501075255876372698198",
"124070030813068072113477531791473371397",
"240129344691254137978282192332577818679",
"108823527033832906423244107757431747879",
"265726416373476843268631252282999831893",
"166365400507714884135085187665344016546",
"220237452389517455816413790052448047773",
"40734958175434404811569952689422465921",
"17397097619269339126739709135990604613",
"168767518447782796386806731716555176213",
"64308969744574984371896431079293827771",
"290732778232469424617726695354148605248",
"330254554747521134953430912610622847234",
"328347517241240855242299817612541141340",
"307966388053138805706924450710990923287",
"312498072866976420244703075419553224302",
"165166209890208672427052420016976071427",
"301076300885303591045103099596989996665",
"316618360045043789179861404213951043370",
"338807326059072860695657457593116633392",
"218426003086720640753863639219874143000",
"14839339894570747615663537400816814859",
"262191407910032143636831386994624894621",
"118420788604079746878530885779314217328",
"111133245261393732540440437561934855625",
"89424522903819545022028690934076459188",
"48604510362490511808506513000211486849",
"256324880465817256666840925606614736527",
"316917730130039383900848342899878997758",
"232637695186416685854053882177393708510",
"280479208952268072063996823218829744177",
"239687295962677090506025637643758337956",
"290732778232469424617726695354148605248",
"40007708900833151143565350678453220489",
"109450116966819176784949234094087703110",
"55795818511489875007402996255803370068",
"195555266427387633544643536770112323283",
"140419690891376005539782013194738890877",
"246542967083569261926410814708959487218",
"26067911925432264290104540122964754006",
"87462860762171812137463210654536371566",
"123960861603166591201368004349196171583",
"227382349233307137112324420868713911605",
"218426003086720640753863639219874143000",
"74114617453181941471211372939216634960",
"237924228912186824923768548433694157285",
"314059268914241664932136512829140095144",
"26067911925432264290104540122964754006",
"1043377888292962701350523237539477789",
"124227261168804669512882097551417091458",
"145772664711917008774863968374507621974",
"48604510362490511808506513000211486849",
"324386229516012582968268529449749799828",
"140589842971996371210614291904817687441",
"244040572903268701446166930832441342094",
"86542791097475524375667475408658312628",
"252129821578818699134401875951624746058",
"168599226433220774639750803178905459277"
]
},
"id": "CVE-2017-13000-fc9bb350"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/8512734883227c11568bb35da1d48b9f8466f43f",
"signature_version": "v1",
"target": {
"file": "print-802_15_4.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"274427916398148889625110220882819512166",
"216894121904853431840296119057193714706",
"191247263575215367386597583036479173033",
"194585236765305966185076491498005644698"
]
},
"id": "CVE-2017-13000-fe9638f7"
}
]