CVE-2018-14464

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-14464
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14464.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-14464
Downstream
Related
Published
2019-10-03T16:15:11Z
Modified
2025-10-15T09:21:05.925112Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmpprintdatalinksubobjs().

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type
GIT
Repo
https://github.com/the-tcpdump-group/tcpdump
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d97e94223720684c6aa740ff219e0d19426c2220

Affected versions

tcpdump-3.*

tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp

tcpdump-4.*

tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0
tcpdump-4.9.0-bp
tcpdump-4.9.1
tcpdump-4.9.2

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "id": "CVE-2018-14464-47b28fbd",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220",
        "signature_version": "v1",
        "target": {
            "function": "lmp_print_data_link_subobjs",
            "file": "print-lmp.c"
        },
        "digest": {
            "function_hash": "223781097617941555671292774538573925077",
            "length": 1575.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2018-14464-6149f4b2",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220",
        "signature_version": "v1",
        "target": {
            "function": "lmp_print",
            "file": "print-lmp.c"
        },
        "digest": {
            "function_hash": "111531773032566227848925832575478875783",
            "length": 15842.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2018-14464-a00e0da2",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220",
        "signature_version": "v1",
        "target": {
            "file": "print-lmp.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "211645286450770030049170253702969949252",
                "331046351244714000878651818245382258605",
                "312452169484149012542514683871108143242",
                "11072548933551033353887830140605766698",
                "49962724955565531448745371898632588053",
                "123096101720696760240597195359952597719",
                "69329811293033162148935782802049672309",
                "76379693740291541415781019142619384520",
                "71875287416245361337864187456621964705",
                "103287619098535877798894211131711328987",
                "226650534762602372832433522816504437693",
                "47154329592761970152510065029831609760",
                "79883790364244945536289590175877805168",
                "231034633513059032859068608921912721828",
                "191410550562165635764307030616361762868",
                "203723792075020222078979196281577810611",
                "303340729823119421557705235790980184046",
                "58901518268968960572767641780772982749",
                "278720817935718714037980234024072685248",
                "70256183810503396506662378120769014038",
                "52830941610203417572298827682465439321",
                "292884148387453558161593985863454509247",
                "191410550562165635764307030616361762868",
                "92258865668750712153216822031590911446"
            ]
        },
        "deprecated": false
    }
]