CVE-2017-13050
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-13050
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13050.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-13050
- Downstream
- Related
- Published
- 2017-09-14T06:29:03Z
- Modified
- 2025-09-16T06:40:08.575112Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpkirtrpdu_print().
- References
-
- http://www.debian.org/security/2017/dsa-3971
- http://www.securitytracker.com/id/1039307
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b
- https://security.gentoo.org/glsa/201709-23
- https://support.apple.com/HT208221
Affected packages
Debian:11 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:12 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:13 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:14 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Git / github.com/the-tcpdump-group/tcpdump
Affected ranges
- Type
- GIT
- Repo
- https://github.com/the-tcpdump-group/tcpdump
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
tcpdump-3.*
tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp
tcpdump-4.*
tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp
Database specific
{
"vanir_signatures": [
{
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2017-13050-611448b2",
"digest": {
"function_hash": "141239582794057570470987336506776090372",
"length": 669.0
},
"target": {
"file": "print-rpki-rtr.c",
"function": "rpki_rtr_print"
}
},
{
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2017-13050-6e2b6762",
"digest": {
"function_hash": "295520539632666605697161524966214526591",
"length": 2738.0
},
"target": {
"file": "print-rpki-rtr.c",
"function": "rpki_rtr_pdu_print"
}
},
{
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2017-13050-b35a9eaa",
"digest": {
"line_hashes": [
"91225192506105998309656882204112898242",
"262187063736358619995156440999419109627",
"166315129350058571953828727477546937",
"298006129535044815119760179099668095020",
"97069024222213392060925699335199687026",
"274376829970298274072693113533273873962",
"132812486988574340858222179874944060623",
"73158307040893329996081366393827840434",
"38770803252390384797008997686223905389",
"212840269067239195018939194786318908987",
"279002704646582947593862160923602182035",
"265137096026138749224121276587971217713",
"44759950252258876572735195581578552466",
"118035335837821683127876155457209168411",
"307806445243403754942464742736559115364",
"272211986666805814709347757928471918742",
"107387499406334254861223644004341276718",
"154222773333757247552275543442394240457",
"160813801222478806804778122130602103735",
"85326783791320134857645072949683820516",
"20249441343017067010610491134159143698",
"131339484936026735641148929568921374956",
"168349606390673198360471324889431370689",
"51298838525042395530623939199368487231",
"219103874955128086241251088597746049525",
"39658015490680465377385166222640406669",
"170369174625561933002580279281881596851",
"75693305635627415653940738166097463389",
"256066385969391049856548725411488120046",
"302977702552666175443984893323495525379",
"244639727233687488653275362747246389874",
"136035724361201526636410117822128468066",
"193905384643790201314885535376926075453",
"222083579166922403901453400625932852832",
"111327442546630058018894437750867397131",
"311654193889160677195977760126621811310",
"18805401642157687033404361288566777631",
"213215969876390632206861000434702924592",
"38564528239260236306605177010372377070",
"128028702987161132645786658802809713557",
"243504277049159052955102541089331410045",
"160020244723664695717774184198429046596",
"181284558576093332083798143314413795252",
"254885052039731149284226327759845910557",
"255374403118992587691754886113761878581",
"280514292952836398273678169452419647244",
"124827006203318965317125252843562520352",
"171666692536767969736121637409218891323",
"196742315263719170428405138495212884918",
"74670572121518172502803597968133647696",
"102861354578030637073173144336966009128",
"180143679043341809098086905034756572185",
"80583479480706434155256331599649440692",
"69430313341075875053639353955687386837",
"257169105012863577896570708967603018670",
"278440607665016670347304045157572865899",
"68643347249363866954899736394615644039",
"124402665139142613523638929733597681076",
"242957400948405923637308422249744195281",
"303066998238515926281819426295996133814",
"45634399928560774113077342082911381690",
"101150802627265699164540379340373006190",
"232806047119770206111539639632757842055",
"230874223127518689197709696055832999757",
"137464318650245614603867393268638077713",
"335791640987574347339579410591474143658",
"274512752148104369886257144281043958031",
"50326771297085245924226368369901958819",
"260253245832933644495325604882506999827",
"83426708373943537838967672766163686826",
"140627787723616427051601877283307959667",
"255571027334586559884145787959210886034",
"246086906322735415186696517504570534656",
"56284921621254197337040185374465732940",
"200999076297159106769901060146803910331",
"273510824703989736383203767893246914539",
"315357586201525450452772258317783156022",
"314555068863564744379138678764292929875",
"322985042149821343355826592482294702032",
"319812315341876029931562693857351815255",
"140955276574663499046392430380439924968",
"177835257888985640021649273989301206356",
"227078432055244504477784317279560825988",
"243981764867112182590189507647504660463",
"147846373021940519776798415118844518868",
"203477200432067296163455731527561719376",
"297396953808511234179795849301268865589",
"312043837299654912683802797563832577653",
"322086381283737441953009697811676900405",
"26413248134635780417011726315503089000",
"5335269101984334195666173065618812363",
"100209535229981075889549371278728263426",
"125583023689800364215247893752146311699",
"118035335837821683127876155457209168411",
"192122213145940478726189211086752073395",
"202471555802431994101760567366776854573",
"291729857264382859490272237148900621577",
"60635844057389735514039909875293574998",
"78652959919333060933400491683870156828",
"30150919572514270393151896365953664663",
"47015397611876336831294082398705691217",
"257283038492899271527541778898900362525",
"284586309647032263097930741452681940563",
"39962680461584609871464861530987145535",
"257436138602958186947972051929851501836",
"298006105998509025246215320295043115379",
"187758872079081803776693414336199872419",
"14822241174959720645042805053885924450",
"117990556228961767323321863581370439265"
],
"threshold": 0.9
},
"target": {
"file": "print-rpki-rtr.c"
}
}
]
}